AI-generated summary
beta
This job is a Security Architect at AIA, where you'll create safe digital spaces for people to live healthier lives. You might like this job because you'll lead crucial security designs and influence a healthier future through technology.
Undisclosed
Kuala Lumpur, MY-AIA Malaysia, Kuala Lumpur
Job Description
At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone.
As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.
To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.
If you believe in developing a better tomorrow, read on.
About the Role
The Security Architect will lead the design, implementation, and maintenance of a robust security architecture tailored for AIA, ensuring the protection of digital assets, infrastructure, and sensitive financial data. This includes maintaining an enterprise security blueprint and integrating best practices aligned with regulatory standards such as ISO/IEC 27001, NIST, and relevant industry regulations.You will collaborate closely with IT, development, and risk management teams to embed security measures across the technology infrastructure and software development lifecycle, using a risk-based and compliance-driven approach.
In this role, you will ensure that the security architecture supports business objectives and regulatory requirements. You will also lead the development of security frameworks, standards, and policies, while providing expert guidance on secure design and risk mitigation strategies across projects and operations.
Roles and Responsibilities:
Security Architecture & Design
Lead the development and implementation of enterprise security architecture strategies, frameworks, and mitigation plans.
Design secure systems and network architectures that align with business objectives, regulatory requirements, and industry best practices.
Translate business and technical requirements into robust, secure architecture solutions.
Governance & Assurance
Own the security review process and produce security design blueprints for ARB and other governance forums.
Provide architecture assurance to ensure alignment with enterprise roadmaps and standards.
Define and maintain security standards, guidelines, and reference architectures.
Risk Management & Compliance
Conduct threat modeling, risk assessments, and security impact analyses for new and existing solutions.
Stay current with regulatory changes affecting cybersecurity in the insurance and financial services sectors.
Evaluate emerging security technologies and recommend adoption where appropriate.
Collaboration & Advisory
Partner with solution architects, development teams, and business stakeholders to ensure secure design and implementation.
Present security architecture and risk mitigation strategies to ARB and senior leadership.
Provide advisory and assurance support to the Local Information Security (LIS) team during security incident investigations.
Documentation & Review
Review and endorse technical documents (e.g., impact analyses, functional designs, interface agreements) from a security perspective.
Contribute to the strategic direction of security investments and enterprise risk posture.
Leadership & Enablement
Serve as the technical subject matter expert for all security-related design decisions.
Mentor junior team members and promote security awareness across IT and business teams.
Minimum Job Requirements:
Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related discipline.
Proven experience in security architecture design, preferably within the financial services or insurance industries.
Minimum of 8 years of experience in IT security architecture, risk management, or cybersecurity operations.
Strong knowledge of security frameworks such as ISO/IEC 27001, NIST, and COBIT.
Solid understanding of cloud security architecture and platforms (Azure preferred), as well as DevSecOps practices.
Hands-on experience in threat modeling, risk assessment, and implementation of security controls.
Practical experience with security technologies including firewalls, SIEM, IAM, DLP, and endpoint protection.
Familiarity with regulatory requirements (e.g., PDPA, GDPR) and industry standards (e.g., PCI DSS).
Excellent analytical, problem-solving, and decision-making skills.
Experience with Agile and Waterfall methodologies, and secure software development lifecycle (SDLC).
Relevant certifications such as CISSP, CISM, or SABSA are highly desirable.
Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.
You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.
Job Requirements
Company Benefits
Wellbeing support
We offer a range of wellbeing tools and programmes to help you think well, feel well, plan well and live well.
Opportunities for career growth
With our diverse up-skilling, mentorship, job mobility and career experiences, we will help shape your career, your way.
Diverse team culture
It's our differences that make us better together. We empower you to be your best and make a difference in your own unique ways.
Additional Info
Company Activity
Last active - few hours ago
Experience Level
0 - 10 Years of Experience
Job Specialisation
Architecture, Computer Engineering, Cybersecurity / Network Security
Company Profile
