Information Risk & Program analyst (F/H) - Alternance
Internship Paris 1er Arrondissement (Paris) Legal
Job description
The AXA Group, world leader in Financial Protection, supports and advises its individual and corporate customers at every life stage, providing them with the products and services that meet their insurance, personal protection, savings and wealth management needs.
Our areas of expertise are reflected in a range of products and services adapted to the needs of each client in three major business lines: property-casualty insurance, life & savings, and asset management.
In 2018, present in 61 countries, the 171,000 employees and distributors of AXA were committed to serving 105 million clients.
AXA Corporate Center’s main missions are to:
·
Steer the entities in order to ensure the coherence of the strategies, the consistency of the commercial approaches as well as the optimization of the risks and results;
·
Defining and coordinating Group policies, different transversal projects and standards, identifying and sharing best practices;
·
Supporting the entities in order to help them to grow, to develop their offer, their management and steering standards as well as their risk management.
The head office of AXA Group (GIE AXA), based in Paris 8th, gathers the Group's corporate activities. It coordinates the various entities according to the Group's strategy and is responsible for managing international projects. The headquarters is composed with over 850 employees and is distinguished by its strong international culture (45 nationalities).
Direction Presentation:
In the context of growing cybersecurity threats and global information risks, regulators require AXA to get a solid second line of defense to ensure the overall risks are adequately managed and that risk appetite is mastered in that respect. Although protection of information is a shared responsibility of all AXA entities, including all AXA employees, agents, and advisors, GRM has set a specific department to guide and control AXA in this effort: Group Information Risk Management (GIRM) is responsible for leading the enterprise's approach for managing existing and emerging risks associated with the stewardship of AXA information*.
(*Information relates to Data (data as valuable assets: data flows, data management), Information Systems (“IS” comprising architecture, applications and their infrastructure, organization, staffing, security, transformation…) and related technological innovation (R&D, PoC, AI, IoT…).)
The “Information Risk, Anticipate and Report” team allows the oversight of the risk management processes from end-to-end (from identification to mitigation and monitoring): through the setting and animation of an Information Risk Management framework, it defines and challenges the expected level of controls to be implemented by the AXA entities, as well as it regularly reports to the Group stakeholders about the level of residual risks from the ground, to generate, drive and follow-up good risk-based decisions. In addition, when a financial institution relies upon third parties to provide operational services, they also rely on those service providers to have sufficient recovery capabilities for the specific services they perform on behalf of the financial institution: therefore, an effective vendor risk management helps to identify, measure, monitor, and mitigate the risks associated with outsourcing.
Core activities:
·
Participate to develop and maintain the Information Risk Framework.
·
Support its implementation and maintenance at corporate and entity level:
·
Develop and maintain the quantitative models on IT risks (cyber-attack leading to data leakage, cloud outage, infrastructure failure…) in coordination with Group Operational Risk team and other corporate stakeholders.
·
Participate to improve the incidents monitoring and the quality of service at corporate and entity level.
·
Participate to develop, automatize and maintain the Key Risk Indicators Dashboard on Information Risks.
·
Participate to develop and maintain the global vendor risk management framework in coordination with corporate stakeholders (i.e. Group Procurement and Group COO teams)
·
Support its implementation and maintenance at corporate center and entity level.
·
Participate to animate and drive the Vendor Risk Management Community ensuring information and decision are shared.
·
Participate to develop and maintain the Group internal control framework on Technology, Data Management and Procurement macro-processes and to the integration of internal control in the Group and local business processes, on a risk-based approach
·
Support its implementation and maintenance at corporate and entity level.
·
Participate to animate and support the Information Risk Management Community ensuring information and decision are shared.
·
Provide support and assistance to business and entities in support of both Information risk and vendor risk activities and controls
·
Ensure risk issue escalation and management are defined, efficient and aligned with AXA Group risk appetite framework
·
Maintain an active and shared awareness of both Information risk and vendor risk industry best practices and regulatory developments
Desired profile
Qualifications :
Education: apprenticeship in Risk Management, Finance or information Systems field in order to validate a bachelor or master’s degree.
Experience: internship experience, preferably in Financial Services industry, including risk management experience.
Other skills:
·
Knowledge of IT system and processes,
·
Project management skills,
·
Understanding of information risk, vendor risk and operational risk management and mitigation controls.
·
Experience in managing relationships.
·
Good communication and presentation skills.
·
Ability to work in and contribute to a team-oriented and collaborative environment.
Soft skills:
· Rigorous
· Proactive
·
Good level in English