At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone.As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.If you believe in developing a better tomorrow, read on.About the RoleYou will be responsible for the overall Cyber Security Operations (including IAM/EDR/DLP etc.), security posture (VMS, regular IVA, EVA and WAS) and baselines governance of AIA Singapore and local/group security projects deliverables.Serve as the primary contact to any cyber security incident within the Department for AIASG and to perform vital functions in identifying, mitigating, reviewing, documenting, and reporting findings to management, run IMT meetings and evaluate potential information security risks and ensures their corresponding risk exposures are appropriately addressed such that the company’s image and value are protected. Enhance our cyber security readiness for cyber security incidents and uplift our capabilities to tackle the future emerging cyber risks.WHAT YOU’LL BE DOING:Assess the identified vulnerabilities and study and understand the risk profile and impact as per the environmental context.Lead the discussions with the infrastructure and application teams, advise them on the relevance of vulnerabilities, and help them understand the impact.Understand the false positives reported and the technical limitations of the environment and facilitate the process of risk acceptance.Collaborate with the infrastructure and applications teams for the remediation of the identified vulnerabilities.Maintain the vulnerability dashboard for the scope and submit reports for both technical teams and management reporting.Discuss, consult, and escalate as required to the next levels and management in a timely manner for any outstanding issues.Provide subject-matter expertise for the vulnerability management service.Responsible for budget of Information Security and Governance unit.Maintain the related vulnerability indicators in the dashboard in green.Keeping abreast of new threats and vulnerabilities and providing analysis as per applicability.Propose, plan, and execute service improvement initiatives.WE ARE LOOKING FOR SOMEONE WITH | YOU WILL HAVE:Bachelor’s degree of computer science, computer engineering or other relevant degreesInformation Systems Security professional certifications, such as CISSP, CISA, CISM, CSSP, GIAC, or Cloud related.Minimum 8 years of IT experience with at least 4 years’ of experience in cyber security incident handling in a regulated environment (e.g. FSI, government etc.)Working and hands-on experience in managing vulnerability management processes.Strong technical understanding and experience assessing vulnerabilities and identifying weaknesses in multiple operating system platforms, networks, databases, and application servers.Ability to assess vulnerabilities and prioritize remediation planning.Ability to apply a risk-based approach while working on assigned responsibilities.Good understanding of reporting needs at various levels of organization and the ability to design, create, and present the same.Knowledge of different domains of information security such us cloud security related.A team player taking ownership and helping colleagues.Ability to organize work and be able to prioritize work as per the operation’s needs.Ability to work independently as well as part of a team and is able to work under minimal supervisionGood communication skills and the communication network of the incumbent is expected to be internally within Technology Department (40%) and Enterprise Risk Management, Compliance, Internal Audit (10%), Business Departments (5%), Senior Management and Sub-Committees (10%),Group Technology and Group Information Security (25%) and external with Vendors and Service Providers (10%).#LI-SC1Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.
