Information Security Advisory, Principal (Associate Diretor Level) | HK Talent Engage

Job description

At AIA we've started an exciting movement to create a healthier, more sustainable future for everyone.

As pioneering innovators for over 100 years, we're now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.

To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.

If you believe in developing a better tomorrow, read on.

About the Role

Working in conjunction with other professional colleagues and specialists, the Specialist is responsible to the development and implementation of technology risk management governance programmes with the alignment of the Group Information Security's strategic direction

Roles and Responsibilities:

This position plays a significant role in supporting management and Director of Information Security(IS) of AIA Hong Kong and Macau to promote and enhance the maturity of IT/cyber security of the organisation, as well as related entities (such as AIA Investment Management). This is to be done through maintaining and enhancing business-critical security solutions. Therefore, the individual should be an IT technical expert, and the job holder must be a quick learner who can grasp a wide range of IT/cyber security topics. The individual must also be a great communicator who can convey messages involving highly technical IT/cyber risk concepts to all levels of staff and to strategic stakeholders (such as Head of IT teams and Head of Departments) in an efficient and professional manner

(Daily operation) Application Security - Assess and evaluate information security products and solutions

• Advise and assess security control of critical applications and IT infrastructure services
• Facilitate the deployment of strategic information security solutions to address the cyber threat and information security risk exposure
• Ensure the cybersecurity resilience to proactively prevent from business disruption or service outage
• Reduce risk exposure, improve efficiency, and strike balance of data protection

Communications and engagement with key stakeholders such as Head of IT teams and Head of Departments - Promote the importance of the compliance of AIA standard, and driving thought leadership in this evolving paradigm

Others: - Coordinate ad-hoc cross-functional teams on special projects or critical initiatives relating to IS

• Communicate with group offices, business partners, corporate clients, IT vendors and external parties on IT security matters, as and when needed
• You are required to obtain the relevant license(s) if your job involves regulated activities

Minimum Job Requirements:- Degree holder in Computer Science, Information Systems, Engineering, Risk Management, or a related discipline

• Minimum of 10 years on project management, product support and vendor management
• Knowledgeable of cloud industry trends for driving thought leadership in this evolving paradigm, and security challenges associated on the cloud
• Proven knowledge in authentication solutions, like Multi-factor Authentication (MFA), OAuth2, SAML and encryption solutions
• In-depth knowledge in hardening Internet-facing applications with highly confidential information
• Hand-on experience of various security tools
• Very good understanding and proven use of DevSecOps
• Experience developing cloud-native (AWS, Azure) applications will be an advantage
• Experience in production support will be an advantage
• Holder of relevant audit professional qualification and/or IT security certificates preferred (such as CISA, CISM, CISSP etc.)
• Excellent communication (written and oral) skills, and demonstratable experience as a highly effective facilitator of cross functional teams
• Ability to solve complex problems while effectively communicating technical concepts
• Ability to learn and apply new technologies quickly
• Confident and credible; keen to earn the respect and trust of, and inspire, others. Independent and strong self-initiative to work creatively and analytically when solving problems

Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.