Join to apply for the Principal, Information Security role at AIA Hong Kong and Macau Continue with Google Continue with Google Join to apply for the Principal, Information Security role at AIA Hong Kong and Macau Get AI-powered advice on this job and more exclusive features. Sign in to access AI-powered advices Continue with Google Continue with Google Continue with Google Continue with Google Continue with Google Continue with Google Continue with Google Continue with Google Continue with Google Continue with Google Continue with Google Continue with Google At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone. As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives. To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone. If you believe in developing a better tomorrow, read on. About The Role This position plays a significant role in supporting management and Director of Information Security to promote and enhance the maturity of Information and cyber security of the organisation, as well as related business entities. This is to be done through a robust governance, Information security risk management and compliance programmes, coupled with well-planned communications and awareness-raising programmes tailored for different internal and external stakeholders. Therefore, while the individual taking up this role may not need to be an Information Security expert, he or she must be a quick learner who can grasp a wide range of IT/cyber security topics. The individual must also be a great communicator who can convey messages in English and Chinese involving highly technical IT/cyber risk concepts to all levels of staff (for instance, for awareness-raising campaigns) and to strategic stakeholders (such as regulators, auditors and corporate clients) in an efficient and professional manner.(Daily operation) Regulatory and Information Security Compliance Develop and manage the Information security governance framework & risk portfolio, which follows the AIA’s security standards and guidelines. Be the subject matter expert to provide advice on regulatory requirements related to information security. Communications and engagement with regulators, auditors Lead and coordinate internal efforts to support compliance assessment against regulatory requirements and IT audits conducted by internal/external auditors; Coordinate inputs and craft accurate and appropriate responses to enquiries coming from regulators and auditors; Awareness-raising and education for staff Organise regular and frequent activities and develop localised materials to raise the awareness of staff at all levels on various cybersecurity controls and practices, and other topical issues of Information Security. Maintain and curate the internal Information Hub for education and sharing. Miscellaneous Lead ad-hoc cross-functional teams on special projects or strategic initiatives relating to Information Security Communicate with group offices, business partners, corporate clients, IT vendors and external parties, as and when needed Job Requirements Degree holder in Computer Science, Information Systems, Business, Finance, Risk Management, or a related discipline. Minimum of 10 years of relevant and solid experience in Information Security risk management and control, gained from international financial institutions, professional firms or financial regulators. Holder of relevant IT audit professional qualification and/or IT security certificates preferred (such as CISA, CISM, CISSP etc.). Solid experience in handling cybersecurity assessments and IT audit-related assignments and familiar with relevant control requirements from different regulatory bodies such as Hong Kong Insurance Authority, Mandatory Provident Fund Schemes Authority, Macau AMCM etc. Excellent communication (written and oral) skills, and demonstratable experience as a highly effective facilitator of cross functional teams. Excellent leadership and management skills and proven ability to build, manage and foster a team-oriented environment. Confident and trustworthy; keen to earn the respect and trust of, and inspire, others. Independent and strong self-initiative to work creatively and analytically when solving problems. You are required to obtain the relevant licence(s) if your job involves regulated activities. Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives. You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date. Seniority level Seniority level Mid-Senior level Employment type Employment type Full-time Job function Job function Information Technology Industries Insurance Referrals increase your chances of interviewing at AIA Hong Kong and Macau by 2x Get notified about new Information Security Specialist jobs in Hong Kong, Hong Kong SAR. Information Technology Cybersecurity Analyst / Specialist Eastern District, Hong Kong SAR 1 hour ago Assistant Information Security Consultant Technology Risk Manager (IT Security) – Information Technology Department Regional Information Security Engineer - Renewable Contract CYBER SECURITY AND RISK ANALYST / CYBER SECURITY ENGINEERAssociate - IT Security (Corporate Bank)Senior Officer - Information Technology (Cyber Security) (Contract period up to 31 August 2026) (Ref: IT/06/245)Cybersecurity Detection and Response Analyst Analyst, Cyber Security (Ref: DTD194/25, 10514)Cyber Security Analyst / Engineer (Identity and Access Management)Global Security GRC Analyst (Governance, Risk, and Compliance)Senior/Junior Information Security Consultant (Governance, Risk and Compliance)Senior Manager, Group Information Security Assistant Vice President, IT Security - IT Operations Department Analyst, IT Security Operations & Engineering Assistant Manager, Business Information Security Office IT Support Analyst for Security Financing Shenzhen, Guangdong, China CN¥45,000 - CN¥65,000 2 years ago Shenzhen, Guangdong, China CN¥15,000 - CN¥20,000 1 year ago Technology Risk Manager (Information Security Control Division)We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr