Senior Manager, Information Security

Senior Manager, Information Security

AIA Group
10-13 years
Not Specified

Job Description

Bring your career aspirations to life with AIA!Develop and implement governance and communications programmes on information security and technology risk management and support related regulatory and IT-audit activities
Roles and Responsibilities:
This position plays a significant role in supporting management and Head of Information Security and Technology Risk ('IS&TR') of AIA Hong Kong and Macau to promote and enhance the maturity of IT/cyber security of the organisation, as well as related entities (such as AIA Investment Management). This is to be done through a robust governance, technology risk management and compliance programmes, coupled with well-planned communications and awareness-raising programmes tailored for different internal and external stakeholders. Therefore, while the individual taking up this role may not need to be an IT technical expert, he or she must be a quick learner who can grasp a wide range of IT/cyber security topics. The individual must also be a great communicator who can convey messages in English and Chinese involving highly technical IT/cyber risk concepts to all levels of staff (for instance, for awareness-raising campaigns) and to strategic stakeholders (such as regulators, auditors and corporate clients) in an efficient and professional manner.
(Daily operation) Technology Compliance & Control
  • Develop and manage technical risk governance framework & risk portfolio, which follows the AIA's IT control standards and guidelines.

Communications and engagement with regulators, auditors
  • Lead and coordinate internal efforts to support compliance assessment and
    security audits conducted by regulators and internal/external auditors
    Coordinate inputs and craft accurate and effective responses to enquiries on IS&TR matters coming from regulators and auditors

Awareness-raising campaigns for staff
  • Organise regular and frequent activities and develop localised materials to raise the awareness of staff at all levels on various cybersecurity controls and practices, and other topical issues
  • Maintain and curate the internal IS&TR Information Hub in company intranet

  • Lead ad-hoc cross-functional teams on special projects or strategic initiatives relating to IS&TR
  • Manage and communicate with group offices, business partners, corporate clients, IT vendors and external parties on IT security matters, as and when needed

Minimum Job Requirements:
  • Degree holder in Computer Science, Information Systems, Business, Finance, Risk Management, or a related discipline.
  • Minimum of 10 years of relevant and solid experience in risk management and control (preferably in the area of information security and technology risk), gained from international financial institutions or financial regulators.
  • Holder of relevant audit professional qualification and/or IT security certificates preferred (such as CISA, CISM, CISSP etc.).
  • Solid experience in handling audit-related assignments and cybersecurity assessments against information security frameworks or standards, such as HKMA's CRAF, ISO 27001, NIST Cyber, etc.
  • Familiar with relevant control requirements from different regulatory bodies of Hong Kong, such as Insurance Authority, Mandatory Provident Funds Schemes Authority, etc.
  • Excellent communication (written and oral) skills, and demonstratable experience as a highly effective facilitator of cross functional teams.
  • Excellent leadership and management skills and proven ability to build, manage and foster a team-oriented environment.
  • Confident and trustworthy keen to earn the respect and trust of, and inspire, others. Independent and strong self-initiative to work creatively and analytically in a problem-solving environment.
  • You are required to obtain relevant licence if your job involves in regulated activities.

Candidates with more relevant experience will be considered as Associate Director, Information Security.
Build a career with us as we help our customers and the community live healthier, longer, better lives.
You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.

Job Details

Employment Types:




About AIA Group

The roots of today's AIA Group can be traced to 1919 when entrepreneur Cornelius Vander Starr established his first insurance business in Shanghai, China. What followed was pioneering growth, securing AIA's position as the largest independent publicly listed pan-Asian life insurance group-spanning 18 markets and serving the holders of more than 38 million individual policies and more than 16 million group scheme members. AIA is based in Hong Kong and is listed on The Stock Exchange of Hong Kong under the stock code '1299' (ticker symbol: 'AAGIY'). AIA's contributions have supported social and economic progress across Asia, while also advancing the reach and impact of life insurance across the region. In 2020, we paid more than US$16 billion in benefits and claims, providing essential financial protection when it was needed the most. We also take pride in the long-term relationships we have developed with our customers and agents that in many cases have continued for generations. The insurance industry plays an important role in addressing the sustainability challenges our communities face. With this in mind, AIA's ambition is to be a global industry leader in Environmental, Social, Governance (ESG), shaping a sustainable future for the communities we serve and creating long-term value for our stakeholders. For more than a century, AIA has strived to make a significant, positive impact for our customers and communities across Asia. As we look to the future, this commitment is reinforced by our Purpose: to help millions of people live Healthier, Longer, Better Lives. Our Purpose guides the decisions we make and the actions we take as an organisation-empowering and enabling people to understand and manage their health, while meeting their long-term savings and protection needs. Helping create a healthier Asia is one of the most important and valuable things we can do for our communities, today and tomorrow.

Similar Jobs

Career Advice to Find Better