Associate Director, Cloud & Email Security
- Kuala Lumpur
- Permanent
- Full-time
The role owns the transformation and uplift of Cloud Infrastructure security capabilities, drives the delivery of secure Cloud Infrastructure and Email services ensuring the protection of AIA’s Cloud infrastructure and Email platforms.
Collaborate closely with cross functional teams to embed security best practices across AIA Business Units.Roles & Responsibilities
- Responsible for leading the strategic planning, implementation and continuous improvement of security across all Cloud service models (IaaS, PaaS, SaaS) and enterprise email systems that align with AIA’s Information Security mission and goals.
- Accountable for the risk management and control assessments across both Cloud and Email domains, ensuring alignment with AIA’s risk framework and compliance requirement.
- Define and maintain Key Risk Indicator (KRI) and Key Control Indicator for Cloud and Email security, incorporating regulatory and compliance requirements.
- Regular monitoring and reporting KCIs to senior management, ensuring that risk levels remain within the defined risk appetite and any deviations are addressed promptly.
- Own the collaboration with Head of Digital Security to drive and implement Cloud and Email security initiatives, addressing key risk areas and control gaps through a well-defined and actionable roadmap.
- Oversees and manage Cloud and Email Security projects ensuring timely execution of strategic initiatives and BAU projects within the defined scope, budget and timeline.
- Evaluate and recommend cost effective solutions for Cloud and Email security controls that aligns to AIA’s security standards and budgetary goals
- Own the relationship with strategic vendors, ensuring the delivery of effective, efficient and scalable core services and adherence to the SLAs
- Coordinates Quarterly Business Reviews (QBRs) and roadmap sessions with vendors to assess performance and align on future initiatives and drive continuous improvement
- Oversee daily operations ensuring efficiency, quality, and compliance with AIA’s standards.
- Provides Subject Matter Expertise advice to IT and Information Security managements in Cloud and Email security, risks, controls and best practices.
- Optimizes security toolsets, processes, and organization to enhance control effectiveness and improve risk management across the Cloud and Email domains
- Partner with both teams in Cloud and Email security, as well as stakeholders across Business Unites to advocate for and implement security best practices.
- Lead, coach, mentor and develop a diverse and highly efficient team to deliver world-class outcomes for AIA.
- Bachelor’s degree in computer science or related discipline.
- 10+ years of experience in a technical role within Information Security or related discipline in a large organization
- Extensive knowledge of cloud security technologies (CSPM, CWP, CIEM, CNAPP, CASB, SSPM) and frameworks (CSA CCM, NIST-SP 800-53, NIST SP 800-144, ISO 27017).
- Hands-on experience managing cloud infrastructure like Azure and Alibaba Cloud.
- Deep expertise in email security technologies like email authentication (DMARC, DKIM, and SPF), anti-phishing, content filtering and malware detection.
- Experience in managing email security tools (e.g., Proofpoint, Barracuda) ensuring security compliance in email platforms like, M365, Google Workspace.
- Proven experience in team leadership and development.
- Strong ability to define, prioritize and execute processes in a structured manner.
- Excellent communication and interpersonal skills.
- Proficient in both spoken and written English.
- Demonstrated ability to stay current with emerging security trends and technologies
- Desirable Technical certifications: CISSP, CISA, CCSP, Azure AZ-500, Ali Cloud ACP.
- This role requires the successful candidate to be open to relocation to Malaysia