Third-Party Security Risk Management, Consultant

Third-Party Security Risk Management, Consultant

Apply locations: Singapore, SG - AIA Singapore

Time type: Full time

Posted on: Posted 3 Days Ago

At AIA, we've started an exciting movement to create a healthier, more sustainable future for everyone.

As pioneering innovators for over 100 years, we're now transforming our organization to be faster, simpler, and more connected. We want to develop digital solutions and experiences that help more people live healthier, longer, better lives.

We seek passionate individuals with tech, digital, and analytics expertise to help create positive, sustainable change through digitally enhanced experiences impacting millions.

If you believe in developing a better tomorrow, read on.

About the Role

This role oversees the Third-Party Security Risk Management domain, providing consultation and professional advice on information security and key technology risk matters relevant to the geographical scope. The role aims to foster a strong information security risk culture focused on people, processes, and technology. A good understanding of security requirements in the financial industry, technology risk management, and stakeholder collaboration is essential.

WHAT YOU'LL BE DOING Third-Party Security Risk Management

• Manage the process of assessing and evaluating the security postures of third-party vendors and partners, including monitoring assessments and working with assessors on TPSAs.
• Perform due diligence and risk assessments to ensure vendor compliance with regulatory and internal standards.
• Lead initiatives to uplift third-party security and improve customer experience.
• Review client contracts to align security clauses with company policies.
• Support audit and regulatory responses, including control assessments related to risk management.
• Support or drive security assessment services and related initiatives.

Specialized Areas Governance

• Lead or support governance of specialized information security areas like cloud security and application security.
• Collaborate with stakeholders across Technology risk management, Compliance, Legal, and other departments.

This role is a key support to the Senior Manager of Technology Vendor Management.

WHAT YOU SHOULD HAVE

• Degree in Computer Science, Engineering, Information Systems, Cyber Security, or related fields.
• Relevant security and audit certifications such as CISSP, CISA, CRISC, CCSP are preferred.
• 8-12 years of experience in IT, audit, or risk management, with strong knowledge of governance, cyber security, and technology risk reporting.
• Financial industry experience is preferred.
• Knowledge of MAS TRMG, ISO27001, NIST, SOC2, OSPAR standards is advantageous.
• Skills in developing security KPIs and metrics for risk reporting.
• Project management experience is a plus.
• Excellent communication, coordination, and interpersonal skills.
• Meticulous, analytical, and problem-solving traits.
• High energy, positive attitude, and ability to work independently with integrity.
• Eagerness to learn and grow in information security and risk management.

Build a career with us as we support our customers and community in living healthier, longer, better lives.

Applicants must provide all requested information, including Personal Data. Incomplete submissions may affect processing and outcomes. Ensure your information is accurate and current.

Similar Jobs (3)

• Technology Controls, Specialist
• Security Operations, Specialist
• Associate Director, Application Security

At AIA, we believe in better - in the work we do, the careers we build, and the lives we live. Join us to make a difference.