Application Security Officer (Cyber Security Officer)

· Enforce Security by Design on all phases of Software Development Life Cycle.

· Monitor and validate progress on the remediation implemented to address outstanding issues/vulnerabilities

· Manages internal and external VAPT engagements conducted by external vendor. Ensures closure of audit finding.

· Review result and methodology from vulnerability scan and penetration test conducted by vendor

· Perform manual or automated tests to validate remediation

· Perform technical and security reviews on assets impacting operations of applications

· Work with internal teams to resolve security findings on applications

· Take the corrective action needed to meet the standards required by security policy, procedures, network architectures and software design

· Promote security awareness program on secure coding and systems development life cycle

· Other tasks or duties that may be assigned in line with the Information Security Program

KEY CUSTOMERS:

· Local Users of AXA applications

· IT Service Delivery Team and Solution Delivery Teams

· Business owners and Product owners

· Vendors

· Auditors

· Regional/Group Security

· Dev team

WORKING RELATIONSHIPS WITHIN BUSINESS UNIT

· Work with CSO, CIO, IT Operations and Security Head, IT Security Director and Group Operations Security Leaders to gain a clear understanding on the overall corporate direction with regards to security initiatives and control implementation.

· Work with regional and local IT team heads to ensure they carry out the planned actions and projects to mitigate IT security risks.

· Work with business department heads to ensure that security is taken into consideration and implement the required actions that fall within the business area.

· Work with Regional/Group audit team for Pen test report

· Coordinates with the application developers and owners for remediation