Associate Director, Application Security

At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone.

As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.

To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.

If you believe in developing a better tomorrow, read on. 

About the Role

The role will be instrumental in safeguarding our digital infrastructure. This role involves leading AIA Group application security team to uplift and transform application security, deliver application security services, and apply application security best practice.

Roles & Responsibilities:

• Provide leadership across all aspects of application security and controls
• Partner with application leaders in Business Unites to advocate and improve application security best practices
• Provide Subject Matter Expertise advice to IT and Information Security managements in application security
• Perform risk management and control assessment in application security domain
• Optimize toolsets, processes, and organization to improve the application security controls and management application security risks
• Evaluate and identify cost effective solution for application security controls.
• Work collaboratively with key vendors and business partners to deliver effective and efficient security services
• Define the key risk indicator (KRI) and key control indicator for application security, taking compliance requirements as input
• Regularly report the overall KCIs to senior management to ensure they are within risk appetite

Minimum Job Requirement

• Degree in Computer Science or related discipline.
• Obtain technical certifications such as CISSP, CISA, CCSP, OSCP, CRISC, CEH is a must
• 10+ years’ experience in a hands-on technical role in Information Security or related discipline with minimum 5 years’ in a leadership role
• Proven track record in team management and development.
• Hands-on experience in different application security domains (e.g., container security, mobile security, serverless security, API security, penetration testing, DevSecOps, Security programing, security community) is advantageous
• Able to define, prioritize and execute process in a structured manner
• Possess good communication and interpersonal skills
• Proficient in both spoken and written English

Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.