Security Risk Analysis, Specialist

SG-Tampines Agency Building

AIA

AIA provides insurance solutions to both individuals and businesses. Find out more about our services and latest updates.

View all jobs at AIA

Apply now Apply later

At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone.

As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.

To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.

If you believe in developing a better tomorrow, read on. 

About the Role

Join us today as Security Risk Analysis, Specialist today!

Providing consultation, professional advice, awareness / training on information security and key technology risk matters relating to the above mentioned geographical responsibilities, thereby contributing to building a strong information security risk culture cantered on people, processes and technology. The role will also coordinate regular governance engagements and being involved in technology-related audit engagements for AIA Singapore, and exercise professional judgment and assessments on the material to be provided by the various process and control owners for the audits.

WHAT YOU’LL BE DOING:

Information Security & Technology Risk Metrics

  • Support the alignment of various information security and technology risk metrics for management reporting and escalation – this includes reporting / escalation of outstanding or overdue action required from penetration tests, vulnerability assessments, security incidents, policy / standards deviations, third party security assessments, etc.

  • Drive the monthly Technology Security Governance forum focusing on highlighting metrics impacting the Company’s cybersecurity metrics.

  • Collate and review collated metrics and material relating to the Operational Risk Management forums, Key Risk Indicators and Key Risk Tolerance Indicators for Cybersecurity and Technology processes.

Risk Assessments, Audit and Regulatory Management

  • Support Technology related Audit engagements with statutory Auditor and Regulator, following up with relevant parties to ensure all issues identified are remediated.

  • Support the delivery of annual IT Risk and Control self-assessment exercises according to MAS regulatory notices / guidelines, internal enterprise IT policies, and standards.

Policy, Standards and Exception Management

  • Communicate material changes to internal policies / standards to collaborators. Facilitate risk evaluations and exception handling to deviations from the policies, standards and regulatory requirements.

WE ARE LOOKING FOR SOMEONE WITH:

  • University degree in one of the following or related disciplines (Computer Science, Computer Engineering, Information Security, Information Systems).

  • 5-8 years of relevant work experience, including at least 2 years of experience in IT Audit, Risk Management, Compliance and/or Governance roles, with particular expertise and knowledge of Governance reporting of technology risk issues and cybersecurity.

  • Rich working experience from financial industry, big tech firms or established auditing firms will be considered favorably.

  • Experience and exposure in information security standards such as ISO27001 and PCIDSS will be an advantage.

  • Preferably a holder of one or more of the following information security and audit qualifications: Security+ and CEH.

  • Candidates with advanced level qualifications such as CISSP, CISA, CRISC, CCSP will have added advantage.

  • Good Communication, Coordination and Interpersonal Skills.

  • Good experience working alongside and opposite external auditors as well as regulatory bodies.

  • Meticulous and analytical traits, strong programme / project management skills, high drive, energy and good demeanor over teamwork, high levels of professional integrity.

  • Eagerness to learn and develop one’s knowledge in information security and computing, especially on emerging computing fields such as cloud security, DevSecOps, etc.

Believe in better with AIA.  If you work at AIA, you play an important part in this movement. Which is why we give you every opportunity to learn, grow and shape your career - your way! 

Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.

Apply now Apply later
  • Share this job via
  • 𝕏
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  2  1  0

Tags: Analytics Audits CCSP CEH CISA CISSP Cloud Compliance Computer Science CRISC DevSecOps Governance ISO 27001 PCI DSS Risk analysis Risk assessment Risk management Security assessment

Perks/benefits: Career development

Region: Asia/Pacific
Country: Singapore

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.