Information Security Assurance Lead

AXA Life Insurance

  • Cairo
  • Permanent
  • Full-time
  • 1 month ago
Job Summary:The Information Security Assurance Lead is responsible for overseeing the development, implementation, and continuous improvement of the organization's information security assurance programs. This role ensures that security policies, standards, procedures, and controls are effectively enforced and aligned with regulatory and organizational requirements for local, domestic and international regulator.The position works closely with cross-functional teams to assess security risks, drive compliance, and support audits and certifications such as ISO/IEC 27001, NIST, and other relevant frameworks.Key Responsibilities:
  • Security Governance & Assurance
  • Lead the development and maintenance of the Information Security Assurance Program.
  • Ensure the effectiveness of security controls and governance processes.
  • Conduct periodic internal reviews, gap assessments, and risk assessments.
  • Compliance and Risk Management
  • Maintain compliance with applicable laws, regulations, and applicable standards (e.g., ISO/IEC 27001, NIST, GDPR).
  • Track regulatory changes and ensure timely updates to policies and procedures.
  • Work with business and IT stakeholders to assess and remediate control gaps.
  • Coordinate and support internal and external security audits and certification activities.
  • Develop audit readiness plans and evidence collection templates.
  • Policy and Control Development
  • Define, document, and maintain security policies, standards, and procedures.
  • Ensure that policies are reviewed, approved, and communicated effectively.
  • Map controls to risk and compliance frameworks.
  • Develop and maintain dashboards and reports for executive management.
  • Track key performance indicators (KPIs) and key risk indicators (KRIs).
  • Escalate security risks and compliance gaps as appropriate.
  • Training and Awareness
  • Drive information security awareness and compliance training initiatives.
  • Provide expert guidance to internal teams regarding control design and implementation.
  • Stakeholder Collaboration
  • Collaborate with Legal, Risk, IT, HR, and Business Units to ensure integrated security and compliance processes.
  • Serve as the subject matter expert on security assurance in business initiatives and projects.

Bayt