AIA Digital+ is a Technology, Digital and Analytics innovation hub dedicated to powering AIA to be more efficient, connected and innovative as it fulfils its Purpose to help millions of people across Asia-Pacific live Healthier, Longer, Better Lives.
If you are hungry and driven to play an active role in shaping a better tomorrow, we want to hear from you. Because the work we do at AIA Digital+ makes a difference in the lives of millions of people, every day. We will equip you with the critical skills, tools and technology, and endless opportunities to learn, contribute and thrive in a dynamic and exciting environment.
If you want to shape a brighter future at AIA Digital+, please read on.
About the Role
Provide technical and operational leadership for AIA's global endpoint security capability, owning the strategy, engineering standards, and day-to-day governance of EDR/AV and endpoint hardening controls across Windows, Linux, and cloud workloads. Ensure high tool health and coverage, accelerate detection and response outcomes through SIEM/SOAR integrations and automation, and partner with SOC/IR, workplace/infra teams, and business stakeholders to reduce endpoint risk while maintaining user productivity.
1. Strategy, Architecture & Governance
- Own and drive the global endpoint security product strategy and roadmap, covering EDR/AV, exploit mitigation, device control, host firewall, and application control.
- Align endpoint security capabilities with enterprise security architecture, regulatory requirements, and business priorities.
- Define and enforce governance models for policy management, exception handling, and risk acceptance, including approval workflows and periodic reviews.
- Evaluate emerging threats, platform changes, and new security capabilities, recommending strategic enhancements with clear risk vs. value trade-offs.
2. Engineering & Security Architecture
- Lead the engineering design and implementation of endpoint security controls across:
  - Microsoft Intune
  - Group Policy Objects (GPO)
  - Configuration management platforms
- Define and maintain standardized security baselines and hardening guidelines, including reusable configurations and gold images aligned to CIS benchmarks.
- Establish controls for exception management, configuration drift monitoring, and compliance enforcement.
- Expand and strengthen endpoint runtime protection and agent guardrails to enhance resilience.
3. Endpoint Protection & Platform Management
- Manage and optimize endpoint security technologies, including:
  - Antivirus / EDR / HIPS
  - Device control and application control
  - Host-based firewall and exploit protection
- Ensure effective security coverage across:
  - User endpoints
  - Servers
  - Cloud workloads
- Drive agent lifecycle management, including packaging, deployment, upgrades, health monitoring, and decommissioning.
- Achieve and maintain ≥90% deployment and compliance posture across all regions and business units.
4. Security Operations & ITIL Service Ownership
- Own and operate endpoint security as a critical ITIL-aligned service, including:
  - Incident triage and escalation
  - Problem management and root cause analysis
  - Major incident participation
  - Change governance and release management
- Drive continuous service improvement (CSI) initiatives to enhance service reliability, performance, and user experience.
- Troubleshoot and resolve complex endpoint security issues, ensuring effective stakeholder communication.
5. Threat Detection, Response & SOC Integration
- Collaborate closely with SOC and Incident Response teams to:
  - Enhance detection use cases and analytics
  - Improve response playbooks and automation
  - Optimize containment actions (e.g., host isolation, process termination, file quarantine)
- Drive improvements in Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) for endpoint-related incidents.
6. Data, SIEM & Analytics Integration
- Lead integration of endpoint telemetry into SIEM and analytics platforms, ensuring:
  - Reliable log collection pipelines
  - Data normalization and enrichment
  - Scalable reporting and threat analytics
- Enable data-driven visibility and reporting for leadership and operational teams.
7. Integration with Enterprise Security Ecosystem
- Drive integration of endpoint platforms with adjacent security controls, including:
  - Email and threat gateways (e.g., Proofpoint, Exchange Online Protection)
  - Secure web gateways and ZTNA solutions (e.g., Zscaler)
- Improve end-to-end threat prevention, detection, and response capabilities across multiple security layers.
8. Vulnerability & Exposure Management
- Partner with patching and vulnerability teams to:
  - Drive remediation prioritization
  - Reduce attack surface through secure configurations
- Align endpoint security posture with industry frameworks, such as:
  - CIS Benchmarks
  - MITRE ATT&CK framework
9. Performance Management, Reporting & Governance
- Define and track service KPIs, SLAs, and compliance metrics.
- Develop dashboards and operational reports for leadership and regional stakeholders.
- Conduct regular service reviews to drive improvements in:
  - Adoption
  - Stability
  - Coverage
  - User experience
10. Vendor & Stakeholder Management
- Manage endpoint security vendors and managed service providers, including:
  - Contract governance and performance management
  - Roadmap influence and feature enhancements
  - Cost optimization
- Engage with regional/in-country stakeholders to ensure alignment and compliance targets are met.
11. Leadership & Capability Development
- Provide technical leadership, mentorship, and coaching to engineers and analysts.
- Develop and maintain:
  - Standard operating procedures (SOPs)
  - Runbooks and playbooks
  - Knowledge base articles
- Build scalable capabilities to support consistent global service delivery.
12. Continuous Improvement & Innovation
- Monitor industry trends, emerging threats, and technology advancements across Windows, Linux, macOS, and cloud platforms.
- Identify and implement feature enhancements and operational improvements.
- Drive innovation to continuously strengthen endpoint security maturity and resilience.