At AIA we've started an exciting movement to create a healthier, more sustainable future for everyone.
As pioneering innovators for over 100 years, we're now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.
To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone. If you believe in developing a better tomorrow, read on. WE ARE LOOKING FOR .....
The BISO role is a senior cybersecurity leadership position intended to bridge the gap between security and business interests, be responsible for the overall Cyber Security Management of AIA Singapore to the line of business.
Serve as the Business Information Security Officer, go-between for the security team and business, to engage with line of business for AIASG and to perform vital functions in identifying, mitigating, reviewing, documenting, and reporting findings to management, and ensures the corresponding risk exposures are appropriately addressed such that the company's image and value are protected. Enhance our cyber security readiness and uplift our capabilities to tackle the future emerging cyber risks to support the business. WHAT YOU'LL BE DOING:
WE ARE LOOKING FOR SOMEONE WITH | YOU WILL HAVE:
- Serve as the primary security contact for the line of business in AIASG
- Develop and oversee the implementation of security policies, procedures, and controls
- Conduct risk assessments and manage security statement and review for line of business in AIASG to support business strategy
- Monitor compliance with security regulations for all systems supporting the line of business
- Strong business acumen to understand and speak the language of business. Be able to clearly articulate the value of cybersecurity investments to business leaders who may not be familiar with the technical details
- Assist to identify, assess, and prioritize risks. Must also be familiar with the principles of risk management and how they apply to cybersecurity
- Develop and maintain local risk register, detection/response related standard operating procedures to ensure compliant to the MAS regulations
- Monitor security compliance, manage security awareness programs, train employees on security procedures and implement new security technologies
- Coordinate with the IT department on technical security issues
- Working with business units to ensure compliance with security policies and procedures
- Provide guidance and support to line of business on security-related issues
- Uplift Cyber Security process, controls and maturity level for Cyber Security
- Support for the Cyber Security score in the annual MAS CRAFT report.
- Bachelor's degree of computer science, computer engineering or other relevant degrees
- Information Systems Security professional certifications, such as CISSP, CISA, CISM or CRISC preferred
- Minimum 15 years of IT experience with at least 5 years' of experience working as a BISO in an MNC enterprise environment. Finance industry will be preferred
- Must have a deep understanding of cybersecurity technologies and how they can protect the organization's assets. Familiar with a wide range of IT systems and applications
- Effectively communicate with both technical and non-technical staff. Be able to translate complex technical concepts into plain English and present them in a way that decision-makers can understand
- Strong knowledge of Cyber Security forensics, Information Security governance, project management, change management, technology implementation and risk analysis strategy
- Sound knowledge of Cloud environment and Cloud security, Cyber Monitoring, Threat Hunting, and Cyber Threat Intelligence
Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.
You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.