Functional Area: IT - Information Technology Estimated Travel Percentage (%): Up to 25%
Relocation Provided: Yes
AIG Employee Services, Inc.
The Malaysia CISO, will support the Business and region by understanding key business processes and critical systems, they will identify specific security needs and drive completion of projects and adoption of security procedures, policies and standards.
Responsibilities:
- Implement the Company’s information security strategy across the business unit environments
- Identify and understand key business processes, systems and specific security needs critical to Business Unit and region, and ensure they are incorporated into the overall cybersecurity strategy
- Formulate and facilitate the effective implementation of Technology Risk Management Framework (TRMF) and Cyber Resilience Framework (CRF)
- Responsible for ensuring customer, contractual and regulatory security requirements (e.g. GDPR, Malaysia Risk Management in Technology (RMiT)) are being met by the business units
- Advise senior management on technology risk and security matters, including developments in the financial institution’s technology security risk profile in relation to its business and operations, identifies exposures and threats and drives corrective plans based on risk
- Responsible person for ensuring information assets and technologies are adequately protected to preserve operational integrity and business continuity
- Remain current on constantly emerging Cybersecurity and geopolitical threats to ensure continual protection of the Company’s assets, information and reputation, ensuring the risk balance between risk posture and business agility
- Ensure security issues are addressed with timely, appropriate responses to minimize the impact to the Company, or its assets, customers or reputation
- Ensure the enterprise information security architecture and roadmaps are implemented and meet both business and information security objectives
- Responsible for ensuring security incident response, vulnerability management, cyber threat intelligence and associated mitigation processes are working well across global teams
- Support anticipating, identifying, and deterring cyber-based attacks against AIG and its business operations, employees, and subsidiaries
- Provide support to central team developing threat response and risk mitigation plans, including input into scenarios that involve invoking countermeasures and containment strategies
- Help develop business cases, secure leadership sponsorship, and drive adoption and implementation of security projects and programs
- Ensure security projects and activities are prioritized based on risk to the business unit; work with leadership team to develop risk management program to ensure the confidentiality, integrity, and availability of information owned, controlled or processed by the Company
- Monitor and evaluates risk performance metrics on key security issues and programs, recommends corrective action programs as appropriate, and drives remediation items to completion
Qualifications:
- Prior experience being part of large security teams with a global scope and a strong track record of success in complex environments
- Minimum of 8 years of full-time work experience in information security management and/or related functions (such as IT audit and IT Risk Management)
- Ability to communicate security risks in business terms to all levels of the organization
- Experience in financial or insurance industry preferred
- Information security management certification such as CISSP or CISM
- Trustworthy with high standards of personal integrity
- Typically a background in technical IT roles such as IT architecture, development or operations, with a clear and abiding interest in information security
- Knowledge of security metrics and Key Security Risk indicators and how to implement them
- Travel 25% estimated, international travel will be required
It has been and will continue to be the policy of American International Group, Inc., its subsidiaries and affiliates to be an Equal Opportunity Employer. We provide equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.
At AIG, we believe that diversity and inclusion are critical to our future and our mission – creating a foundation for a creative workplace that leads to innovation, growth, and profitability. Through a wide variety of programs and initiatives, we invest in each employee, seeking to ensure that our people are not only respected as individuals, but also truly valued for their unique perspectives.
