Search Jobs
Search by job, company or skills
Search by job, company or skills
At AIA we've started an exciting movement to create a healthier, more sustainable future for everyone.
If you believe in developing a better tomorrow, read on.
About the Role
This position enhances the organisation's cybersecurity posture by driving penetration testing activities and strengthening vulnerability management capabilities. The role is responsible for identifying, validating, and tracking security weaknesses through structured assessments, coordinated testing, and continuous monitoring. It supports threatdriven analysis, remediation planning, and riskbased reporting to ensure timely closure of vulnerabilities.Roles and Responsibilities
Application Security & Vulnerability Management
Participate in vulnerability scans and coordinate followup activities to ensure timely remediation by the respective system owners.
Assist in documenting vulnerability risk assessments, mitigation plans, and remediation status tracking.
Support secure code review processes, including coordinating with developers and documenting identified issues.
Provide support for data protection assessments and secure development activities within the SDLC.
Coordinate and manage the scheduling of penetration testing activities, ensuring proper planning, prioritisation, and alignment with project timelines and business requirements.
Support endtoend documentation, preparation, and coordination for penetration testing engagements, including scope definition, test plan validation, and closure reporting.
Assess security controls and compliance within the SDLC, ensuring security requirements are embedded early and consistently across project phases.
Vendor & Procurement Management
Manage designated penetration testing and security assessment vendors, ensuring quality delivery, adherence to scope, and timely submission of reports.
Oversee the procurement process for security testing services, including preparing requirements, evaluating proposals, completing vendor onboarding documentation, and coordinating with Procurement and Finance for approvals.
Monitor vendor performance, service quality, and contract compliance, providing feedback and driving improvements where needed.
Audit & Compliance
Prepare, organise, and maintain documentation required for internal audits, external audits, and regulatory cybersecurity reviews.
Support evidence gathering, compliance validation, and tracking of audit observations related to application security, penetration testing, and vulnerability management.
Minimum Job Requirements
Bachelor's degree in Computer Science, Information Systems, or a related field.
1-3 years of experience in Application Security, Cybersecurity, or related domains.
Foundational knowledge of cybersecurity principles, tools, and frameworks, including but not limited to OWASP, NIST, ISO/IEC 27001, CIS Controls, MITRE ATT&CK, COBIT, and ITIL.
Familiarity with vulnerability scanners, penetration testing tools, and secure coding platforms is advantageous.
Strong analytical and documentation skills.
Good communication and teamwork abilities.
Industry certifications (e.g., CompTIA Security+, ISO 27001, or equivalent) are an advantage.
AIA Group Limited, often known as AIA , is a Hong Kong-based American multinational insurance and finance corporation. It is the largest public listed life insurance and securities group in Asia-Pacific. It offers insurance and financial services, writing life insurance for individuals and businesses, as well as accident and health insurance, and offers retirement planning, and wealth management services, variable contracts, investments and securities.
Job ID: 143161453
