At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone.

As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.

To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.

If you believe in developing a better tomorrow, read on. 

About the Role

The Associate Director, Cloud & Email Security is responsible for leading the development and execution of AIA Group’s Cloud Infrastructure and Email security strategy.
The role owns the transformation and uplift of Cloud Infrastructure security capabilities, drives the delivery of secure Cloud Infrastructure and Email services ensuring the protection of AIA’s Cloud infrastructure and Email platforms.
Collaborate closely with cross functional teams to embed security best practices across AIA Business Units.

Roles & Responsibilities

Responsible for leading the strategic planning, implementation and continuous improvement of security across all Cloud service models (IaaS, PaaS, SaaS) and enterprise email systems that align with AIA’s Information Security mission and goals.Accountable for the risk management and control assessments across both Cloud and Email domains, ensuring alignment with AIA’s risk framework and compliance requirement.Define and maintain Key Risk Indicator (KRI) and Key Control Indicator for Cloud and Email security, incorporating regulatory and compliance requirements.Regular monitoring and reporting KCIs to senior management, ensuring that risk levels remain within the defined risk appetite and any deviations are addressed promptly.Own the collaboration with Head of Digital Security to drive and implement Cloud and Email security initiatives, addressing key risk areas and control gaps through a well-defined and actionable roadmap.Oversees and manage Cloud and Email Security projects ensuring timely execution of strategic initiatives and BAU projects within the defined scope, budget and timeline.Evaluate and recommend cost effective solutions for Cloud and Email security controls that aligns to AIA’s security standards and budgetary goalsOwn the relationship with strategic vendors, ensuring the delivery of effective, efficient and scalable core services and adherence to the SLAsCoordinates Quarterly Business Reviews (QBRs) and roadmap sessions with vendors to assess performance and align on future initiatives and drive continuous improvementOversee daily operations ensuring efficiency, quality, and compliance with AIA’s standards.Provides Subject Matter Expertise advice to IT and Information Security managements in Cloud and Email security, risks, controls and best practices.Optimizes security toolsets, processes, and organization to enhance control effectiveness and improve risk management across the Cloud and Email domainsPartner with both teams in Cloud and Email security, as well as stakeholders across Business Unites to advocate for and implement security best practices.Lead, coach, mentor and develop a diverse and highly efficient team to deliver world-class outcomes for AIA.

Minimum Job Requirement

Bachelor’s degree in computer science or related discipline.10+ years of experience in a technical role within Information Security or related discipline in a large organizationExtensive knowledge of cloud security technologies (CSPM, CWP, CIEM, CNAPP, CASB, SSPM) and frameworks (CSA CCM, NIST-SP 800-53, NIST SP 800-144, ISO 27017).Hands-on experience managing cloud infrastructure like Azure and Alibaba Cloud.Deep expertise in email security technologies like email authentication (DMARC, DKIM, and SPF), anti-phishing, content filtering and malware detection.Experience in managing email security tools (e.g., Proofpoint, Barracuda) ensuring security compliance in email platforms like, M365, Google Workspace.Proven experience in team leadership and development.Strong ability to define, prioritize and execute processes in a structured manner.Excellent communication and interpersonal skills.Proficient in both spoken and written English.Demonstrated ability to stay current with emerging security trends and technologiesDesirable Technical certifications: CISSP, CISA, CCSP, Azure AZ-500, Ali Cloud ACP.This role requires the successful candidate to be open to relocation to Malaysia

Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.