Bring your career aspirations to life with AIA!

Security strategy and digital architect who has strong hands-on experiences in designing and/or reviewing security architecture and digital solution for various inter-connected application and infrastructures, especially in the cloud environment. This position is responsible for providing consultation, professional advice, security architecture and strategic thinking for the digital solutions and transformation across technology to ensure secure solutions for business growth

Information Security Strategy

• Define, Design and Review security architecture and strategic proposal for various security-driven initiatives or business-driven initiatives for the cloud environment to support digital transformation
• Identify strategic opportunities for Technology and Business through a strong understanding of business model, business requirements, customer needs and emerging modern technologies
• Build up strong and in-depth and proactive relationship at all levels across technology functions as well as line of business
• Deep knowledge of security design and architecture, authentication and authorization flow of the applications, security best practices and organization's IT security technology policy & procedure, session management, token management, cryptographic algorithm, zero trust and information/data protection and so on.
• Provide feasible application security architecture recommendations or guidance based on proposed application changes either it is initiated by application development team or business users.
• Work closely with application development team to proactively stay on top of latest secure application architecture design to deliver thorough security recommendation aligned with organization's IT security technology policy & procedure.
• Facilitate challenging application security architecture conversations and provide acceptable solutions where IT standards are contradicting with business demands to achieve acceptable business solutions without sacrificing security and compliance aspects.

Digital Solution

• Identify, propose and initiate digital solution improvements for technology, ensuring that they have a measurable effect on security enhancement and process effectiveness, with associated benefits to the business
• Lead and engage with vendors to understand third-party software life cycles and upgrade paths to input into digital solution roadmap recommendations for Security
• Be responsible for driving and fostering a culture where developers take responsibility for CI/CD processes and success of ongoing support, maintenance, and evolution of software solutions following DevSecOps processes
• Understand company’s digital roadmap and collaborate effectively with colleagues across IT including but not limited to Run and Change teams and business
• Lead and work closely with Digital Technology team to propose and work out solution development projects for Web-based, Mobile and other software solutions in the digital world

• Work closely with infrastructure operation team to proactively stay on top of latest secure infrastructure architecture design to deliver thorough security recommendation aligned with organization's IT security technology policy & procedure.
• Facilitate challenging infrastructure security architecture conversations and provide acceptable solutions where IT standards are contradicting with business demands to achieve acceptable business solutions without sacrificing security and compliance aspects.

Specialized Information Security Domains

• The role may be called upon to lead or be involved in reviewing or standardizing the information security architecture across key digital solutions especially on cloud security, application security and data security.
• Assist in security review and coordination for Technology division application development teams, where applicable
• Although this is an individual contributor role, the candidate should also expect to perform the role of a specialist mentor to the junior members of the staff within the team and be able to work with all levels

Job Requirements

• University degree in one of the following or related disciplines (Computer Science, Computer Engineering, Information Security, Information Systems)
• Minimum 12 years of experiences of security architecture, strategy or security consultant, digital solutioning.
• Hands-on experiences of designing and/or reviewing application security or infrastructure security and few years working experience as security consulting
• Working experiences in insurance / banking / consulting industry is preferred
• Certifications related to security architecture or Cloud Security is preferable, such as CCSP, Azure DevOps certification, Azure Solutions Architect certification, etc
• Good communication and interpersonal skills
• Good team player with a high integrity, proactive mindset, and strong ownership
• Preferably a holder of one or more of the following information security and audit qualifications: CISSP, CISA, CRISC, CCSP

Build a career with us as we help our customers and the community live healthier, longer, better lives.

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.