Share this Job

Assoicate Director, IT Security

Date: Aug 22, 2019

Location: Shanghai, CN

Company: AIA Careers

Roles and Responsibilities:

  • Manage IT security and Technology Risk, which includes application and infrastructure security, risk and controls (in collaboration with group technology risk), IT security governance, and IT regulatory support. 
  • Implement group wide solutions to address information security issues with focus on identification of common patterns and issues 
  • Deployment of technology policies, standards, processes and remediation management to continuously improve information security governance. 
  • Execution of self-assessment program to ensure technology is in compliance with the established information security policies, standards and processes. 
  • Implementation of new generation information security architecture 
  • Standing member local incident management team 
  • Ensure significant business initiatives are reviewed and aligned with the information security policies, standards and processes. 
  • Regulatory interface on information security related aspects 
  • Interface with auditors to ensure all audit and compliance findings are adequately remediated across the business unit 
  • Ensure information security principles have the right balance of data protection and ease of doing business 
  • Staff training through exercises such as phishing and also development of country specific training content in addition to the existing group wide information security content 


Minimum Job Requirements:

  • 7+ years of information security and technology risk management experience in complex international environments, preferably in financial services sector
  • Deep and broad technology understanding on the security platforms including application security, network security, identity and access management and devices security in addition to underlying infrastructure
  • Proven experience in managing security functions from an implementation and incident response perspective
  • Experience in managing diverse cross-cultural teams within complex environments
  • Understand the complexities and challenges of the organization, integrated processes, information and technologies in order to develop future-state models to best realize organizational strategies
  • Excellent communication skills with ability to influence and partner with key internal and external stakeholders
  • Innovative self-starter, highly motivated, business savvy with strong people skills
  • A degree or post-graduate degree in Computer Science or MIS, and preferably a holder of professional IT security qualifications: CISSP, CRISC or similar

Job Segment: Manager, Law, Risk Management, Network Security, Security, Management, Legal, Finance