Roles and Responsibilities:

1. Data Privacy, Protection & Cryptographic Governance

• Ensure compliance with data privacy and data protection requirements.

• Safeguard sensitive data through effective DLP and cryptographic controls.

• Manage annual DLP recertification, key management processes, and cryptographic standards.

• Support phishing response activities and group‑wide phishing simulation exercises.

2. Cybersecurity Solution Advisory

• Review solution designs and provide security guidance for projects and technology initiatives.

• Recommend and validate appropriate security controls to ensure secure architecture and application security.

• Support the secure implementation and integration of cybersecurity technologies.

3. Controls Compliance Monitoring

• Ensure adherence to AIA policies, Group Cybersecurity Standards, and BNM RMiT requirements.

• Provide required documentation and evidence to support audits and compliance assessments.

4. Security Awareness & Training

• Lead cybersecurity awareness and training programmes for Technology and Business teams.

• Promote secure development practices and strengthen overall security culture.

5. Security Operations & Tools Management

• Support and maintain key security tools (e.g. DLP, EPP, WAF, etc.).

• Perform monitoring, controls reviews, and operational checks to maintain continuous security readiness.

Minimum Job Requirements:

1. Qualifications & Certifications

• Bachelor’s degree in Computer Science, Information Systems, Engineering, or a related discipline.

• Minimum 4 years’ experience in cybersecurity, data protection, or technology risk.

• Experience in financial services or regulated environments is preferred.

• Relevant certifications (Security+, CISSP, CISM, CCSP, CEH, or equivalent) are an advantage.

2. Technical & Domain Knowledge

• Strong understanding of application security, cybersecurity technologies, and cloud security environments.

• Demonstrated expertise in data privacy, DLP governance, cryptographic controls, and regulatory compliance.

• Experience supporting RMiT, BNM regulatory engagements, and IT audits.

• Ability to interpret risk data and translate insights into actionable recommendations.

• Familiarity with insurance operations, customer data protection, and secure SDLC practices.

• Experience engaging with financial regulators, particularly Bank Negara Malaysia (BNM).

3. Personal Attributes

• High integrity, accountability, and professional maturity.

• Strong analytical, problem‑solving, and documentation skills.

• Effective communication skills with the ability to influence stakeholders.

• Resourceful, independent, and capable of managing multiple priorities under pressure.

4. Key Competencies

• Strong focus on quality, timeliness, and accuracy.

• Excellent documentation capability, particularly in policy development and risk management.

• Effective stakeholder engagement across Business units and Group Office.

• Able to deliver optimal outcomes with minimal supervision.