Bring your career aspirations to life with AIA!

Working in conjunction with other professional colleagues and specialists, the Specialist is responsible to the development and implementation of information security management and governance programmes with the alignment of the Group Information Security’s strategic direction

Roles and Responsibilities:

This position plays a significant role in supporting management and Director of Information Security(“IS”) of AIA Hong Kong and Macau to promote and enhance the maturity of cybersecurity resilience of the organisation.  This is to be done through maintaining and enhancing security services and solutions for business-critical applications and information security infrastructure. Therefore, the individual should be an information security expert, and he or she must be a quick learner who can grasp a wide range of information security topics.  The individual must also be a great communicator who can convey messages involving highly technical information security risk concepts to all levels of staff and to strategic stakeholders (such as Head of IT teams and Head of Departments) in an efficient and professional manner

(Daily operation) Information Security Advisory and Assessment:

• Assess and evaluate information security products and solutions
• Advise and assess security control of mission-critical applications and IT infrastructure services
• Facilitate the deployment of strategic information security solutions to address the cyber threat and information security risk exposure
• Ensure the cybersecurity resilience to proactively prevent from business disruption or service outage
• Reduce risk exposure, improve efficiency, and strike balance of data protection

Communications and engagement with key stakeholders such as Head of IT teams and Head of Departments:

• Improve the awareness of the senior management, business users and IT professional on the technology threat the company is facing and more sensitive on protecting customers' interest and privacy
• Promote the importance of the compliance of AIA standard, and driving thought leadership in this evolving paradigm

Others:

• Coordinate ad-hoc cross-functional teams on special projects or strategic initiatives relating to IS
• Communicate with group offices, business partners, corporate clients, IT vendors and external parties on information security matters, as and when needed
• You are required to obtain the relevant license(s) if your job involves regulated activities

Minimum Job Requirements:

• Degree holder in Computer Science, Information Systems, Engineering, Risk Management, or a related discipline
• Minimum of 10 years on IT project management and information security field with experience & proven success in architecting, delivering or assessing cybersecurity and/or cloud security
• Knowledgeable of cloud industry trends for driving thought leadership in this evolving paradigm, and security challenges associated on the cloud journey utilising an “As a Service” model
• Solid knowledge in authentication solutions, like Multi-factor Authentication (MFA), OAuth2, SAML and encryption solutions, like RSA, AES, Azure key vault
• In-depth knowledge in hardening Internet-facing applications with highly confidential information.
• Hand-on experience of various security tools, like Burp Suite, openssl
• Very good understanding and demonstrated use of DevOps tools (e.g. Jenkins, Ansible) with CICD capabilities
• Experience in 24x7x365 support will be an advantage
• Holder of relevant IT security professional qualification preferred (such as CISA, CISM, CISSP etc.)
• Excellent communication (written and oral) skills, and demonstrable experience as a highly effective facilitator of cross functional teams
• Ability to solve complex problems while effectively communicating technical concepts.
• Ability to learn and apply new technologies quickly
• Confident and trustworthy; keen to earn the respect and trust of, and inspire, others. Independent and strong self-initiative to work creatively and analytically when solving problems

Build a career with us as we help our customers and the community live healthier, longer, better lives.

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.