The role will be to manage a broad portfolio of important information security domains covering cyber training and awareness, policy and standards, third party security, regulatory /audit engagements, ISO27001/SOC2 certification and red team governance
- Thought leadership on governance and control matters within the Group Information Security leadership team.
- Lead information security training and awareness programs for the Group
- Management of Information Security policy and standards and associated ISO27001 certification and SOC2 audits.
- Lead governance practices and committees to ensure that cyber security risk is managed proactively, and controls are measured effectively across all AIA business units
- Lead controls self-assessment for the AIA Group Technology Function and Business Units as relates to Finance and ITGC (IT General Controls) controls.
- Ownership of first line information security controls framework
- Management of 3rd party security assessments and partner engagements
- Leadership for Group Information Security on regulatory and audit engagements
