Senior Manager, Information Security Governance

Job title: Senior Manager, Information Security Governance

Company:


Job description: AIA Digital+ is a Technology, Digital and Analytics innovation hub dedicated to powering AIA to be more efficient, connected and innovative as it fulfils its Purpose to help millions of people across Asia-Pacific live Healthier, Longer, Better Lives. If you are hungry and driven to play an active role in shaping a better tomorrow, we want to hear from you. Because the work we do at AIA Digital+ makes a difference in the lives of millions of people, every day. We will equip you with the critical skills, tools and technology, and endless opportunities to learn, contribute and thrive in a dynamic and exciting environment. If you want to shape a brighter future at AIA Digital+, please read on. About the Role This roles manages Third Party Security Assessment process and provides Security Metric Reporting Third Party Security: Manage the development of third party security assessment (TPSA) process to ensure proper security assessment on external third party prior to service engagement. Partner with external service provider to continuously improve TPSA process & operating model. Manage and cooperate with security incident response team on third party security threat monitoring and third party incident response process. Provide guideline and training to Local Business Unit to govern Third Party Security risk & control. Metric Reporting: Identify internal security control governance requirement and drive actions to build up metric reporting scheme. Develop and maintain a robust process to ensure that all security control gaps are reviewed and tracked on a regular basis in line with management expectations. Proactively work with respective control owners to ensure all reporting data/info are up-to-date and continuously fine-tune data collection logic based on Local Business Units and management feedback. Lead the team to continuously the productivity of metric reporting. Job Requirements : Having at least 10 years of experience in Information Security/ Audit and Risk Assessment/ IT Governance and Compliances Requires good communication skill and proactively work with different stakeholders in different countries. Knowing how to understand business language and translate to information security and technical language and vice versa is highly required Experience with ISO 27001, NIST or similar information security controls and framework Cross-border management experience Having CISSP, CISM, CISA, CRISC and/or , ISO 27001 is a bonus. Ability to work with minimum supervision Fluent in Both writing and verbal English

Expected salary:

Location: Kuala Lumpur

Job date: Sat, 08 Mar 2025 23:36:18 GMT

To help us track our recruitment effort, please indicate in your email/cover letter where (jobsnear.pro) you saw this job posting.Thanks&Good Luck