Senior Specialist, Information Security Technology and Architecture

BELIEVE IN BETTER

Do you believe in shaping a better, healthier, more sustainable future through the power of digital?

At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone.
It's finding new ways to not only better people's lives, but to better the communities and environments we live. As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler, and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.

And to get there, we need people with tech/digital/analytics expertise and passion to help develop positive sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.

Sound like you? Then read on.

The opportunity:

AIA New Zealand is looking for a dynamic professional with extensive experience in Information Security frameworks and exceptional influencing and communication skills.

In this pivotal role, you'll provide advanced Technology Security and Security Architecture guidance, identify and mitigate security risks, and deliver robust technical security assurance. You'll also play a key role in training our staff to ensure they are security-savvy. If you're ready to support design from inception through to the implementation phase and make your mark at the decision-making table, we want you on our team! 

Key responsibilities include:

• Execute technology security management, IT, and information security strategy and processes to ensure compliance with AIA’s security policies and frameworks.

• Adopt a pragmatic approach to Information Security Solutions.

• Manage and ensure effective implementation of technology security management frameworks, policies, programs, and processes.

• Oversee Weekly Security Dashboards KPIs to ensure compliance with security metrics.

• Drive remediation of identified weaknesses and manage risk.

• Analyse technology and security threats.

• Manage and review project-based technology and security issues, identifying new and emerging security concerns and risks.

• Define and ensure an effective monitoring and reporting program.

• Recommend and implement treatments to manage technology and security risks in partnership with stakeholders.

• Maintain and define Information Policy, standards, and controls.

• Manage, operate, and enforce Information Security Policy and chair relevant Information Security Committees.

• Conduct regular and ad-hoc security compliance checks to AIA Standards.

Information Security Operations:

Manage security technical environments to ensure compliance with security policies, standards, and processes.

• Ensure compliance with AIA and industry standards (e.g PCI).

• Plan and conduct technical security training.

• Analyse technology threats and report to management.

• Review and remediate findings from vulnerability  scans (e.g., WAF).

• Ensure architectural changes to existing operational environment are documented and maintained.

Information Security Architecture:

Integrate organisational goals and objectives into security architecture.

• Integrate information security designs for systems and networks.

• Provide security architectural advice to technology projects to manage and reduce risk.

• Work with technology teams to assess and define security-based architectural solutions.

• Determine if systems and architecture are consistent with information security architecture guidelines.

• Perform security reviews of architecture designs.

• Develop information security designs for systems and networks with multiple data classification levels.

• Document impact of new system and interface implementations on organizations information security posture.

Ideally, you’ll bring:

The ideal candidate will hold a degree in Computer Science, Information Systems, or a related discipline, with a CISSP certification preferred. They should have over 5 years of experience in Information Security within a sizable organization, demonstrating strong technical skills in security practices and practical experience with security testing tools. A detailed knowledge of common security vulnerabilities and an excellent understanding of security best practices are essential. Additionally, the candidate should have experience managing and governing Information Security Vendors, ensuring Third Party Security Assessments are completed and reviewed. A passion for enhancing security awareness is also crucial.

Why choose AIA?

At AIA, we believe in empowering every one of our people to find their 'better'.  We do this by offering:

• Opportunities to grow within the business through internal mobility

• Competitive employee benefits that include insurances, an Employee Share Purchase Scheme and an extra day of leave each quarter to recharge

• Membership to AIA Vitality, our science-backed health and wellbeing programme that provides the guidance, tools, and rewards to get more out of life and start thriving. AIA Vitality partners include Airpoints™, Woolworths, MoleMap, endota, Les Mills, Samsung, Garmin and many more!

• A supportive and inclusive workplace

• Flexible working arrangements.

If you believe in developing a better tomorrow, apply now!

Diversity, equity, and inclusion are at the heart of who we are and what we do. Our commitment to these values is unwavering and they are central to our mission. AIA NZ values diversity in the workforce. We encourage candidates from diverse backgrounds, including those with a disability, additional mental health needs, chronic health conditions and/or are neurodiverse to apply for our roles. If there's anything we may need to consider to support you with our recruitment process, please email nz.talentacquisition@aia.com.

We are a 2025 Circle Back Initiative Employer – we commit to respond to every applicant.

Recruitment Agencies: Our Talent team does not require any recruitment agency support.

Interested Candidates: Apply using the ‘Apply’ button. No emailed applications accepted. For general enquiries only, contact:

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.