Kuala Lumpur, AIA Digital+ Malaysia
127 days ago
Senior Manager, Information Security Governance
Are you ready to shape a better tomorrow?

AIA Digital+ is a Technology, Digital and Analytics innovation hub dedicated to powering AIA to be more efficient, connected and innovative as it fulfils its Purpose to help millions of people across Asia-Pacific live Healthier, Longer, Better Lives.

If you are hungry and driven to play an active role in shaping a better tomorrow, we want to hear from you. Because the work we do at AIA Digital+ makes a difference in the lives of millions of people, every day. We will equip you with the critical skills, tools and technology, and endless opportunities to learn, contribute and thrive in a dynamic and exciting environment.

If you want to shape a brighter future at AIA Digital+, please read on.

About the Role

This role manages the Third-Party Security Assessment process and provides Security Metric Reporting.

Third-Party Security Management:

- Oversee the third-party security assessment (TPSA) process to ensure thorough security evaluations of external third parties before service engagements.
- Lead initiatives to continuously enhance TPSA efficiency and integrate the latest technologies.
- Develop and enforce policies, procedures, and controls to ensure third-party compliance with security standards and regulations.
- Manage a team to complete all TPSA tasks for the Group Office promptly and with high quality.
- Collaborate with the security incident response team on monitoring third-party security threats and managing incident response processes.
- Provide guidelines and training to Local Business Units to govern third-party security risks and controls.
- Work with internal stakeholders to align third-party security practices with organizational goals and objectives.
- Stay updated on industry best practices, emerging threats, and regulatory requirements related to third-party security.
- Handle exceptions related to third-party security.
- Prepare and present reports on third-party security performance to senior management.
- Promote a culture of security awareness and compliance within the organization and among third-party vendors.

Qualifications:

- Bachelor's degree in IT, Computer Science, or a related discipline.
- Minimum of 10 years of experience in Information Security, Technology Risk, or IT Auditing, preferably with regional experience.
- Excellent written and verbal communication skills, with the ability to escalate issues clearly and promptly to management.
- Strong critical thinking and analytical skills for handling complex situations.
- Proven ability to articulate IT controls and risks effectively.
- Ability to work independently with minimal supervision.
- Comprehensive knowledge of industry technology control frameworks and standards, such as ISO 27001 and NIST Cyber Security Framework v2.0.
- Experience in third-party security assessment is advantageous.
- Relevant certifications such as CISSP, CISM, CISA, CRISC, and/or ISO 27001 are a plus.
- Strong people management and communication skills.
- Ability to work proactively with diverse stakeholders across different countries, translating business language into information security and technical language, and vice versa.
- Experience in cross-border management.

Build a career with us as we help our customers and the community live healthier, longer, better lives.

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.
