Job Description

At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone.

As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.

To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.

If you believe in developing a better tomorrow, read on.

About the Role

We are seeking an experienced senior manager to lead our information security team, combining strong hands-on technical expertise as well as people management experience in the information security domain. They will lead a team to manage. They will lead a team to manage Security Operations (SecOps), encompassing threat detection and response, incident management, vulnerability management, security monitoring, and continuous improvement of defensive capabilities.

WHAT YOU’LL BE DOING

Infrastructure Security

• Manage end-to-end infrastructure security activities, such as vulnerability management, servers’ security monitoring & hardening, infrastructure as a code, etc.

• Design and/or review infrastructure security architecture proposal for various security-driven initiatives for on-premises and cloud environment.

Cloud Security

• Manage compliancy level of AIA SG cloud security assets based on ongoing regular scanning according to the defined threshold.

• Evaluate the security aspect of new cloud-based solutions proposed by application development team, infrastructure team, or business users.

• Manage various cloud security BAU activities, such as assets provisioning, deprovisioning, hardening, etc.

Identity and Access Management

• Supervise the AIA-SG IAM Manager and their team performing IAM Governance functions for the Business Unit.

Cyber Security & Security Incident Handling

• Work with Security Operation Centre (SOC) Team to ensure secure protection of AIA SG environment.

• Deploy new cyber security initiatives and roll out the platform together with SOC Team.

• Point of contact for security incident handling and investigation, starting from incident is identified, handled, and resolved.

Security Advisory

• Provide feasible security recommendations or guidance based on queries / changes initiated by application development team, infrastructure team, or business users.

• Facilitate challenging security conversations and provide acceptable solutions where IT standards are contradicting with business demands to achieve acceptable business solutions without sacrificing security and compliance aspects.

People Development

• Supervise 8 team members.

• Drive a continues Learning and Development program for the team members through inhouse and external training programs.

• Lead promotion of activities to increase information security within your teams to embed and continuously improve adherence to good practice.

WHAT WE ARE LOOKING FOR:

• University degree in one of the following or related disciplines (Computer Science, Computer Engineering, Information Security, Information Systems).

• Minimum 15 years of experiences of information security domain, especially in Application Security, Infrastructure Security and Cloud Security.

• Preferable to have security infrastructure operation background with hands-on experiences of designing and/or reviewing application security or infrastructure security.

• Hands-on information security experience in the Multiple Cloud Environment (SaaS, PaaS and IaaS) and Cyber Incident management.

• Certifications related to security architecture or Cloud Security is preferable, such as CCSP, Azure DevOps certification, Azure Solutions Architect certification, etc.

• Preferably a holder of one or more of the following information security and audit qualifications: CISSP, CISA, CRISC, CCSP.

• Good knowledge of latest security technologies and cyber landscape in a highly regulated industry.

• Good interpersonal and communication skill.

• Strong leadership with a high integrity, proactive mindset, and strong ownership.

• Working experiences in insurance / banking / IT industry is preferred.

• Infrastructure Security: Windows, Linux, AS400.

• Security Advisory and Assessment, and incident management.

Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.