AIA Digital+ is a Technology, Digital and Analytics innovation hub dedicated to powering AIA to be more efficient, connected and innovative as it fulfils its Purpose to help millions of people across Asia-Pacific live Healthier, Longer, Better Lives.
If you are hungry and driven to play an active role in shaping a better tomorrow, we want to hear from you. Because the work we do at AIA Digital+ makes a difference in the lives of millions of people, every day. We will equip you with the critical skills, tools and technology, and endless opportunities to learn, contribute and thrive in a dynamic and exciting environment.
If you want to shape a brighter future at AIA Digital+, please read on.
About the Role
This role manages the Third Party Security Assessment process and provides Security Metric Reporting.
Third Party Security:
Manage the development of the third party security assessment (TPSA) process to ensure proper security assessment of external third parties prior to service engagement.
Partner with external service provider to continuously improve TPSA process & operating model.
Manage and cooperate with security incident response team on third party security threat monitoring and third party incident response process.
Provide guidelines and training to Local Business Units to govern Third Party Security risk & control.
Metric Reporting:
Identify internal security control governance requirements and drive actions to build up a metric reporting scheme.
Develop and maintain a robust process to ensure that all security control gaps are reviewed and tracked on a regular basis in line with management expectations.
Proactively work with respective control owners to ensure all reporting data/info are up-to-date and continuously fine-tune data collection logic based on Local Business Units and management feedback.
Lead the team to continuously improve the productivity of metric reporting.
Job Requirements:
At least 10 years of experience in Information Security / Audit and Risk Assessment / IT Governance and Compliance
Good communication skills and the ability to work proactively with different stakeholders in different countries. Knowing how to understand business language and translate it into information security and technical language, and vice versa, is highly required
Experience with ISO 27001, NIST or similar information security controls and framework
Cross-border management experience
Having CISSP, CISM, CISA, CRISC and/or ISO 27001 is a bonus.
Ability to work with minimum supervision
Fluent in both written and verbal English
Build a career with us as we help our customers and the community live healthier, longer, better lives.
You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.