AIA Digital+ is a Technology, Digital and Analytics innovation hub dedicated to powering AIA to be more efficient, connected and innovative as it fulfils its Purpose to help millions of people across Asia-Pacific live Healthier, Longer, Better Lives.
If you are hungry and driven to play an active role in shaping a better tomorrow, we want to hear from you. Because the work we do at AIA Digital+ makes a difference in the lives of millions of people, every day. We will equip you with the critical skills, tools and technology, and endless opportunities to learn, contribute and thrive in a dynamic and exciting environment.
If you want to shape a brighter future at AIA Digital+, please read on.
About the Role
The incumbent is responsible to manage penetration testing scheduling with external vendor as well as facilitating discussion with internal stakeholders and various application development teams. This encompasses ensuring penetration testing schedule is arranged as planned and issues are remediated timely according to the timeline stipulated in vulnerability management standard.Penetration testing scheduling
Plan and communicate the penetration testing timeline with internal stakeholders and external vendors at the beginning of calendar year.Ensure penetration testing schedule is executed as per the plan for each in-scope applications.Facilitate meetings between application development teams and external vendors for any discussion and clarification needed, including possibility of conflicting schedules and priorities.Penetration testing tracking and issues remediation
Tracking of penetration testing issues and compiling the status on a weekly basis.Making sure issues are remediated timely according to the timeline stipulated in vulnerability management standard.Proactively perform outstanding issues escalation based on the severity of the findings based on the defined issues escalation processes.Penetration testing basic issues analysis
Perform basic review of penetration issues findings to identify any potential common problems, based on web and mobile application security guideline/checklist of OWASP Top 10.Conduct basic security risk assessment based on the identified issues during penetration testing to identify area of improvement and potential mitigations.Provide basic advice to application teams for general vulnerability remediation. Arrange meeting or discussion with related security SME for deeper issues analysis from penetration testing engagement.Minimum Job Requirements:
University degree preferably in one of the following or related disciplines: Information Systems, Computer Science, Information Security, Information Systems.Preferably a holder of one or more of the following information security or project management certifications, such as CISA, PMP.Min 3 to 4 years of experience working in Technology / project management preferably in the information security domain, with experiences in managing penetration testing engagement.Strong project management skills and the ability to coordinate with multiple stakeholders and manage conflicting priorities.Experience in coordinating and scheduling penetration tests with external vendors.Familiarity with vulnerability assessment, penetration testing, and project management with the basic ability to identify and assess various types of vulnerabilities, and proactiveness to engage related SME for a further deeper analysis.Proven track record of managing projects from initiation to completion, ensuring timely delivery and tracking.Excellent interpersonal, influencing, and communication skills, with ability to deliver the key message of “why” and “how” certain things are needed for remediation with elaboration of the risks, severity and impact.Ability to clearly and concisely communicate findings to technical and non-technical stakeholders.Build a career with us as we help our customers and the community live healthier, longer, better lives.
You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.