FIND YOUR 'BETTER' AT AIA
We don’t simply believe in being ‘The Best’. We believe in better - because there’s no limit to how far ‘better’ can take us.
We believe in empowering every one of our people to find their 'better' - in the work they do, the career they build, the life they live and the difference they make. So that together we can support even more people - including our own - to live Healthier, Longer, Better Lives.
If you believe in better, we’d love to hear from you.
About the Role
You will be responsible for the overall Cyber Security Operations (including IAM/EDR/DLP etc.), security posture (VMS, regular IVA, EVA and WAS) and baselines governance of AIA Singapore and local/group security projects deliverables.
What you will do:
- Assess the identified vulnerabilities and study and understand the risk profile and impact as per the environmental context.
- Lead the discussions with the infrastructure and application teams, advise them on the relevance of vulnerabilities, and help them understand the impact.
- Understand the false positives reported and the technical limitations of the environment and facilitate the process of risk acceptance.
- Collaborate with the infrastructure and applications teams for the remediation of the identified vulnerabilities.
- Maintain the vulnerability dashboard for the scope and submit reports for both technical teams and management reporting.
- Discuss, consult, and call out as required to the next levels and management in a timely manner for any outstanding issues.
- Provide subject-matter expertise for the vulnerability management service.
- Responsible for budget of Information Security and Governance unit.
- Maintain the related vulnerability indicators in the dashboard in green.
- Keeping tabs on new threats and vulnerabilities and providing analysis as per applicability.
- Propose, plan, and complete service improvement initiatives.
What you should have:
- Bachelor’s degree of computer science, computer engineering or other relevant degrees
- Information Systems Security professional certifications, such as CISSP, CISA, CISM, CSSP, GIAC, or Cloud related.
- Minimum 5 years of IT experience with at least 4 years’ of experience in cyber security incident handling in a regulated environment (e.g. FSI, government etc.)
- Working and hands-on experience in managing vulnerability management processes.
- Deep technical understanding and experience assessing vulnerabilities and identifying weaknesses in multiple operating system platforms, networks, databases, and application servers.
- Ability to assess vulnerabilities and prioritize remediation planning.
- Ability to apply a risk-based approach while working on assigned responsibilities.
- Good understanding of reporting needs at various levels of organization and the ability to design, create, and present the same.
- Knowledge of different domains of information security such us cloud security related
- Good interpersonal skills and the communication network of the incumbent is expected to be internally within Technology Department (40%) and Enterprise Risk Management, Compliance, Internal Audit (10%), Business Departments (5%), Senior Management and Sub-Committees (10%),Group Technology and Group Information Security (25%) and external with Vendors and Service Providers (10%).
Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.
You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.
