Director of Technology Governance and Controls

HK-AIA Building (Group Office), Hong Kong

AIA

AIA provides insurance solutions to both individuals and businesses. Find out more about our services and latest updates.


At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone.

As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.

To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.

If you believe in developing a better tomorrow, read on. 

About the Role

The role will be:

• Responsible and accountable for Technology Governance for AIA Group.
• Develop, implement, and maintain AIA’s Information Security governance framework.
• Ensure all security policies, procedures, and standards are aligned with business objectives and regulatory requirements.

Roles & Responsibilities

  • Responsible for overseeing information security governance and ensuring technical control compliance within the Group Office, as well as providing oversight across all business units.
  • Oversee and enhance a comprehensive Information Security governance framework that aligns with industry best practices and regulatory requirements.
  • Develop, review, and update Information Security policies, procedures, and standards to ensure they are effective and compliant with relevant laws, regulations, and industry standards such as NIST and ISO 27001.
  • Accountable for overseeing regular assessments, including ISO 27001 certification and SOC 2 audits for Group, along with maturity reviews to provide assurance to customers and stakeholders.
  • Accountable for AIA’s Information Security training and awareness programs at the Group level.
  • Accountable for governance practices and committees to ensure that cyber security risk is managed proactively and controls are measured effectively across all AIA Business Units.
  • Management of the 3rd party security assessment process, ensuring critical or high-risk vendors comply with AIA security standards.
  • Leadership for Group Information Security and Group Technology on regulatory and audit engagements.
  • Management of Technology controls and Information Security / Cyber reporting to management, executive committees and boards.
  • Lead, coach, mentor and develop a diverse and highly efficient team to deliver world-class outcomes for AIA.
  • Play a key leadership role in the Group Technology function, specifically playing a key role across the various teams to ensure clear, cohesive, and comprehensive strategy execution.

Minimum Job Requirement

  • 15+ years of experience in Information Security / Cyber Security.
  • Experience of managing a global governance and controls function.
  • Strong knowledge of Information Security standards and Industry Standards frameworks such as ISO 27001 and NIST.
  • Strong knowledge of regulatory requirements as related to Information Security.
  • Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) or Certified Information Systems Management (CISM) is preferable.
  • Degree holder in Technology related discipline.

Special skills

  • Proven skills in translating insights into strategies and action plans.
  • Ability to demonstrate independent leadership, judgment, and decision making.
  • Ability to adjust to multiple and changing priorities, remaining flexible, open, and collaborative.
  • Ability to create and maintain cooperative working relationships with internal and external stakeholders at all levels.
  • Excellent analytical skills to understand business context; and enquire, counsel, and present solutions in an understandable and simple manner.
  • Be a self-starter and possess the confidence and skills to operate with and enjoy a high degree of autonomy.
  • Excellent interpersonal and communication skills.
  • Experience working with diverse cultures and markets.
  • Experience of managing teams in multiple locations.

Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.


Tags: Analytics Audits CISM CISSP Compliance CRISC Governance ISO 27001 NIST Security assessment SOC 2 Strategy

Perks/benefits: Flex hours

Region: Asia/Pacific
Country: Hong Kong
