SECURITY AND COMPLIANCE MANAGER
AXA TECHNOLOGY SERVICES
Total des années d'expérience :6 years, 3 Mois
Security & continuity:
1. Management of IS Security team and coordination of technical experts:
Definition of annual work plan of the team
Resource management, distribution of common tasks and Business projects.
Validation of Security change requests (ITIL process)
Monitoring of the Security partnership subcontracting
Preparation of Security annual budget estimates
2. Operational maintenance of Security infrastructure
Level 3 support and change management.
Propose and implement changes and new processes to meet business needs and developments.
3. Security Project Management
Redesign Security architecture during the Data center move.
Secure internet portals for customers by enhancing site security against attacks and loss of availability.
Virtualization of Security Infrastructure through managing Obsolescence Park.
Supporting business projects.
4. Crisis Management IS Security (Forensics and remediation) and physical.
Participating in the drafting of Group Security policies.
Writing Architecture Security rules in accordance with the Group Security Policy.
User awareness of the Security of Information Systems.
Crisis management (IT and non IT)
Compliance:
1. Regulatory risk:
- Strategic and policy issues at the country level regarding regulation and compliance;
- Served as a regulatory interface in professional dialogues with regulators
2. Compliance visibility:
- Regularly prepared an annual Compliance Key Objective Plan
- Advised management on global compliance requirements and Moroccan laws and regulations and gave support on compliance issues.
- Participated in Management Team platforms and Cies.
3. Policies, procedures and standards:
- Set overall compliance policies and procedures consistently with global group standards and business principles and Moroccan laws and regulations (Whistleblowing, Gifts&Entertainment etc.).
4. Training / awareness:
- Implemented and conducted regular compliance induction and refreshing training and awareness workshops (including computer-based trainings) for company staff on local and global compliance policies and procedures and on new/amended Moroccan regulations.
5. Monitoring & Surveillance:
- Set up transactions filtering, monitoring and reporting framework at country level.
- Monitored adherence to applicable policies and procedures and supervised staff to detect breaches of compliance.
6. Reporting:
- Set up and maintained regular compliance reporting to company’s management.
- Ensured appropriate and regular reporting on compliance matters to regulators.
7. Business interaction:
- Participated as key stakeholders in various global and local projects with a relevant compliance aspect.
Definition, set-up and development of an Information Security Management System
- Risk management
- Corporate security governance definition
- Definition and management of security indicators
- Development of a security awareness program
- Incident Management
- Audit
ADDITIONAL SKILLS
- Dynamic and proactive;
- Strong communications skills;
- Very strong team player with ability to work independently and under pressure;
- Ability to assimilate new skills quickly;
- Solid foundation and knowledge .