
UK Operational Resilience Officer

Company: Axa
Location: London, Greater London, United Kingdom
Posted: April 30, 2024

Description:

Shift: Day Job

Schedule: Full-time

At AXA IM our purpose, to act for human progress by investing for what matters, is central to every action we take as a business. As a responsible asset manager, we actively invest for the long-term to help our clients, our people and the world to prosper.

As a future UK Operational Resilience Officer, you will report to our Head of Operational Resilience, Physical Security, Health & Safety and you will be part of the AXA IM Security team.

The Operational Resilience team is responsible for designing and implementing operational resilience, business continuity, crisis and incident management plans and policies for AXA IM on a global scale.

This includes managing crisis exercises, business impact analysis, testing plans, physical security plans, training, and L2 controls.

Specifically within the UK and in compliance with the regulator (FCA), the team defines AXA IM UK's Important Business Services, calculates impact tolerance, and develops corresponding testing plans and remediation strategies. The overarching goal within this diverse international team is to ensure the achievement of operational resilience objectives, address regulatory requirements for AXA IM UK, facilitate regular review of Important Business Services Impact Tolerance in collaboration with the business, and implement the operational resilience strategy at a local level.

DISCOVER your opportunity

In an environment where social unrest, terrorism, disruptive technologies, unpredictable natural disasters, cyber risk and misuse of information are a reality, the decision of our customers to partner with an organization is going to be based on whether they trust that organization to keep them safe and secure. Our team's role is to ensure security is embedded in everything we do. The asset management industry is regulated in different locations. In the UK, the FCA identified Operational Resilience as a priority for the industry. There is a need to have an Operational Resilience Officer dedicated to AXA IM UK to work on regulatory compliance and to enforce the policies locally.

The Operational Resilience Officer plays a pivotal role in AXA IM's Security Strategy, serving as a dedicated asset for ensuring compliance with both FCA and DORA regulations within AXA IM UK. Acting as a cornerstone between the security team and all key stakeholders, the Officer facilitates strong collaboration with business units, Compliance, Operational Risks, Information Security, IT, Internal Audit, and Senior Management. This collaborative approach provides visibility on activities, enabling informed strategic decisions on security across the organization.

Your main responsibilities will be to:

1- Steer the FCA request answers with the business units by:

Being the owner of the Important Business Services methodology, to identify all processes, resources mapping and impact analysis on Market, Firm and Clients.

Develop severe but plausible testing scenarios (with Op Risks) to ensure the inclusion of IBS in the annual test plan, and conduct periodic or event-driven stress testing.

Work with the business owners on the review of the impact tolerance, with a deep-dive approach within the business activities and capabilities.

Ensure full validation from the business owners on impact tolerance and associated comments

Review and continually improve the mapping of the supporting assets across all relevant processes.

Regularly report the KPIs to the appropriate forums.

Develop the incident process where impact tolerances might be affected in collaboration with Operational Risk

Define, then conduct regular oversight of, the impact tolerance levels (currently set at 2 days).

Be the owner of the FCA self-assessment document, develop it as a live document with regular updates.

Ensure the onboarding of any new stakeholders affected by the FCA request or important business services processes.

2- Monitor and control vulnerabilities:

Review and refine the resilience controls used to assess vulnerabilities of mapped resources

Oversee the process of identifying, classifying, prioritizing specific vulnerabilities related to Important Business Services including escalation.

Oversee the execution of vulnerability remediation, ensuring compliance with agreed risk appetite.

Assess any change (business or operations) that could negatively impact on operational resilience.

3- Risk management:

Participate in the definition of local risks and the annual review

Coordinate the response when Important Business Services are threatened

Connect to incidents to identify any operational resilience threats in the UK

Identify operational resilience threats from 2nd and 3rd line observation.

Build relationships with key correspondents, such as 3rd parties, for information sharing and incident management.

Ensure the update of Operational resilience processes, policies, plans, standards, high-risk scenarios plans following results of tests aligned with the global framework.

4- Coordination:

Support to critical information consumers (consumer duty, assessment of value)

Review the answers to the security questionnaires and due diligence on operational resilience for AXA IM UK providers and projects.

Be up-to-date on regulatory change and industry developments on Operational Resilience

Help develop mitigating strategies for vulnerabilities or threats with the different stakeholders.

Ensure proper training and awareness are delivered for the UK Incident Management Team.


SHARE your unique expertise

We welcome different combinations of skills and experiences.

Education and experience

Master’s degree-level education or equivalent

Experience in Operational Resilience

Experience in Compliance assessments or regulatory reviews

Experience in a financial services institution or at an asset manager would be a plus

A recognized certification (CISA, CISM, ISO 27001, ISO 22301) is a plus

Technical skills

Expertise on compliance with regulations

Knowledge of Risk Management

Knowledge of asset management activities and products

Knowledge of the UK market

Knowledge in Operational Resilience

English at mother-tongue level

A good level in French (oral) would be a plus

Soft skills

Client focus

Rigor and autonomy

Proactivity and curiosity

Teamwork

We would love to know more about you. Let’s connect! Send us your resume.
