Identity and Access Management (IAM) Expert

High level job description: You will be a member of the ‘Information Security’ Team composed of IAM experts, Application & Cloud Security experts, Workplace and Data leakage experts

The information Security team is part of the ‘AXA Belgium Security Office’ department lead by the AXA Chief Security Officer

Your mission is to promote and ensure that AXA Belgium applications, platforms and data (structured and unstructured like NAS and SharePoint) are protected thanks to adequate “Identity and Access Management” controls

You will work mainly in collaboration with security colleagues, security and solution architects, IT product teams, IAM Security correspondents, business teams and AXA group Identity and Access Management colleagues

Main tasks: The key tasks of the “Identity & Access Management (IAM) Expert” are as follows: Security oversight: Act as IAM expert for AXA Belgium Security Office department thanks amongst others to a relevant IAM end to end knowledge on AXA applicative landscape, identities and processes

Oversee, review, measure, document and drive efforts to increase maturity and effectiveness of identity and access management processes/controls and associated ISO 27K controls objectives

Ensure adequate role model is maintained in collaboration with business and IAM security correspondents

Maintain up-to-date IAM heatmap to provide a clear “risk based” view of the AXA Belgium assets from an Identity and Access Management view

Define the IAM strategy for business projects and ensure thanks to adequate processes that this strategy is effectively implemented with the support of the application security team

Produce clear presentation on IAM risks, strategy, current situation towards IAM stakeholders (technical and business): application owner, management, internal controls and auditors

IAM controls enhancements Define the IAM roadmap based on IAM heatmap, AXA security instructions, eventual deficiencies, AXA Belgium/AXA group solutions evolutions and business strategy/requirements

Participation to projects related to or impacting “Identity and Access Management” by providing and following Security Office requirements implementation; ensure adequate “business as usual” (BAU) processes are defined and documented so that these are smoothly executed (by other teams)

Active participation to the enhancement of a “User Risk Based Inventory” highlighting key risks to business and triggering adequate remediation or acceptance

Awareness: Maintain/animate the collaboration with IAM Security correspondents/officers to ensure a close alignment between Security Office and business for IAM topics

Promote security culture and define/participate to the education of AXA. employees and AXA IT departments (e.g. architecture, engineering, operations) on IAM risks, processes, procedures and requirements

Good to know: The configuration of IGA (Identity Governance and Administration) solutions is performed by AXA colleagues based on Information Security team requirements/guidelines AXA Belgium relies significantly on security products or services provided by AXA group to (all) AXA entities

Profile: Study/Experience/Knowledge Bachelor or Master in Computer Science / Information Systems / Information Security or other related field

Minimum 5 years of relevant “Identity and Access Management” experience

Longer experience and/or experience in the financial sector is a strong asset

A broader experience of “Application Security” (in whatever application security “area”) is an asset

Strong understanding of the different types of identities and accounts (amongst others privilege and non-privilege, personal and shared or technical,…) including the “Identity and Access Management” best practices and Role Based Access Controls (RBAC) and processes

Experience of Identity and Access Management controls and processes on at least of few asset types (like front-end applications, back-end, APIs, NAS, SharePoint,…) on at least a few platforms (like Mainframe, distributed servers (Windows and Linux), cloud (Azure and AWS) and SAAS solutions)

Good understanding of the different repositories (Active Directly, Entra ID, LDAP,…) with knowledge on the way to query these

Ability to run advanced analysis, pivot table and reports based on O365 product suite

Knowledge and experience of IGA (Identity Governance and Administration), Privilege User Access Management solutions (PUAM) and Password Management solutions is an asset

Experience in creation and follow-up of remediation action plans implementation (no project management skills/experience are required)

Experience in risk identification and assessment is an asset

Good knowledge/experience of ISO27K is an asset

Soft skills Strong teamwork despite able to work autonomously

Problem solver and have excellent analytical skills

Good communication skills towards technical teams, business teams and management

Good negotiation skills

You communicate (written and verbal) fluently English on top of a good knowledge in French and/or Dutch

AXA aims to be a reflection of the diverse society in which we live and has therefore been pursuing a policy of active diversity, non-discrimination, and equal opportunities for many years

In this context, we guarantee equal treatment and access to recruitment, regardless of age, origin, cultural background, disability, gender, sexual orientation, or other characteristics

AXA Belgium We are more than 3000 employees, partnering with 3200 brokers, located in our modern offices in Brussels, Antwerp, Eupen, and Liège

We are serving 3 million customers, and we are proud to be the number 1 car insurer

It is our ambition to not only be a payer but rather a real partner for our customers

Our four core values drive us every day to give our best for our customers while collaborating effectively with our colleagues: Customer First, Integrity, Courage, and One AXA

At AXA, we reject unfair or unlawful discrimination in any form

More info in our Diversity & Inclusion Policy

What we offer A nice reward for your work An attractive salary, supplemented with discretionary personal and of course, meal and eco vouchers, the full reimbursement of public transport, and a cafeteria plan

The benefits of working at an insurance company From group to hospitalization insurance and ambulatory care (family members can also join at an advantageous rate) and with up to 30% discount on all additional insurance products

A job that respects your personal life and dreams A flexible schedule of 35 hours per week, 36 days of leave per year to recharge, as well as the option to work partially from home

You will benefit from sports classes at work, employee wellness programs and trainings, to keep you in great shape, both physically and mentally.