Associate Director, Application Security

At AIA we've started an exciting movement to create a healthier, more sustainable future for everyone.

As pioneering innovators for over 100 years, we're now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.

To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.

If you believe in developing a better tomorrow, read on.

About The Role

The incumbent will be managing team members in SG/Cyber Technology Centre (Malaysia)/Batam Technology Centre (Indonesia) and responsible for defining and overseeing the organization's application security architecture, ensuring alignment with target architectures and modern development practices.

What You'll Be Doing

• Strategic Oversight of Security Architecture
• Define, design, and implement the target application security architecture in line with organizational goals and industry/regulatory standards.
• Establish a comprehensive application security strategy, ensuring seamless integration into enterprise architecture and technology roadmaps.
• Conduct architectural reviews to identify risks and recommend mitigation strategies, focusing on secure and scalable solutions.
• CI/CD Pipeline Security
• Lead the integration of security controls into CI/CD pipelines, ensuring automated detection and remediation of vulnerabilities.
• Secure Software Development Lifecycle (SDLC)
• Develop and enforce secure development guidelines, ensuring security is incorporated at every stage of the SDLC.
• Provide leadership in threat modelling, secure coding practices, and software code quality management across development teams.
• Work with application teams to prioritize security requirements, balancing business objectives with technical risks.
• Vulnerability Management and Mitigation
• Oversee the overall strategy for SAST, DAST, to identifying and remediating vulnerabilities.
• Ensure timely resolution of identified issues, coordinating efforts across development, QA, and DevOps teams.
• Maintain and communicate detailed metrics and dashboards on the security posture of applications and pipelines.
• Cross-Functional Collaboration
• Partner with application teams to align security architecture with business needs and project timelines.
• Act as the primary liaison between technical teams and executive leadership, effectively conveying security risks and architectural priorities.
  
  

• Bachelor's degree of computer science, Information Security, or a related field. A Master's degree would be an added advantage.
• Information Systems Security professional certifications, such as CISSP, CSSLP, CEH, OSCP or CREST.
• At least 15 years of experience in cybersecurity, with a focus on application security, security architecture, and secure development practices.
• Proven expertise in designing and implementing security controls within CI/CD pipelines in Agile and DevOps environments.
• Demonstrated success in defining and overseeing secure application architectures for cloud-native and hybrid environments.
• Deep understanding of secure software development lifecycle (SDLC) methodologies and best practices.
• A team-player with systematic problem-solving approach, and have sense of ownership and drive.
• Must have strong people skill to lead a team effectively and demonstrable experience of working at the most senior levels of large and complex organizations.
• Excellent interpersonal skills and stakeholders management.
• Always have customer in mind when dealing with any situations/projects/deliverables.
• Interprets customer needs, assesses requirements and identifies solutions to non-standard requests.
• Able to negotiate with, influence and engage others in complex and conflicting situations across multiple parties to drive a positive outcome.
• Good communication skills and the communication network of the incumbent is expected to be internally within the enterprise (80%) and external with Vendors and Service Providers (20%).
  
  

ABOUT AIA

For over a century, AIA has served the ever-changing needs of our customers across Asia-Pacific. Our Purpose to help millions of people live Healthier, Longer, Better Lives is at the heart of everything we do.

As pioneering innovators, we're now transforming AIA to be faster, simpler and more connected to create better solutions and impactful experiences for our customers and communities. AIA encourages and enables our people to act with clarity, courage and humanity in service of our Purpose.

JOIN US

At AIA, we believe in empowering every one of our people to find their 'better' - in the work they do, the career they build, the life they live and the difference they make. Whether it's investing better wellbeing, inspiring better learning, building better relationships, or making a better impact on customers, a career at AIA will challenge you to find new ways to pursue your 'better'.

AIA is committed to building a vibrant, diverse, and inclusive workforce for all employees to thrive in. Join us if you believe in creating a better tomorrow

• Director

• Full-time

• Information Technology
• Insurance