• Lead security architecture reviews for new and existing systems, ensuring alignment with Amplify Health’s security standards and Group requirements.
• Define secure design patterns and perform threat modeling for applications and cloud-native workloads.
• Conduct security risk assessments and recommend mitigation strategies for identified gaps.
• Integrate security testing into CI/CD pipelines, ensuring automated checks for vulnerabilities, secrets and misconfigurations.
• Assess third-party and vendor security controls, including contractual and security compliance obligations.
• Provide guidance on emerging technologies and architectural improvements to enhance security posture.
  
  

• Monitor and analyze security events using SIEM tools to detect anomalies and potential threats.
• Lead incident response activities, including containment, eradication, and recovery, following established playbooks.
• Perform advanced threat hunting and digital forensic investigations (DFIR) for complex incidents.
• Conduct and coordinate vulnerability assessments and penetration testing to identify weaknesses in systems and applications.
• Support Security automation and orchestration (SOAR) initiatives to streamline detection and response workflows.
• Prepare SOC reports and metrics for management, highlighting trends and improvement opportunities.
  
  

• Manage the end-to-end vulnerability lifecycle: identification, assessment, prioritization, and remediation tracking.
• Integrate automated scanning tools (SAST, DAST, dependency checks, container image scanning) into CI/CD pipelines.
• Enforce mandatory remediation of Critical and High severity vulnerabilities before production release.
• Apply a standardized risk rating matrix (Likelihood, Exploitability, Impact) for prioritization and reporting.
• Stay updated on emerging threats, CVEs, and exploit trends; recommend improvements to scanning tools and workflows.
  
  

• Assist in implementing DLP strategies across endpoints, networks, and cloud environments.
• Support data classification and labeling initiatives to protect sensitive information.
• Contribute to DLP incident response workflows and reporting for compliance and audit readiness.
  
  

• Maintain security documentation, including policies, SOPs, and governance frameworks.
• Manage security exceptions and ensure compliance with BAU governance standards.
• Support Jira-based workflows for security tasks, incident tracking, and audit readiness activities.
• Collaborate with engineering teams to embed security controls into operational processes.
  
  

• Hands-on experience with threat modeling frameworks (MITRE ATT&CK, STRIDE) and risk assessment methodologies.
• Strong knowledge of cloud security architecture (Azure), CI/CD security integration, and security tools (SIEM, SOAR, DLP, SAST/DAST).
• Familiarity with secure design principles, application security, and third-party risk assessments.
• Understanding of regulatory frameworks (ISO 27001, NIST CSF, GDPR) and compliance requirements.
• Relevant certifications preferred: CISSP, CCSP, CISM.
• Bachelor’s degree required in Information Technology / Computer Science; specialisation in Information Security would be advantageous.
  
  

• Technical Domain Expertise: Demonstrates deep proficiency across security architecture, cloud security (Azure), vulnerability management, and SOC operations. Applies recognized security frameworks (e.g., NIST CSF, MITRE ATT&CK, STRIDE) to drive robust and scalable security controls. Serves as the go‑to expert for translating technical threats into practical risk mitigation strategies.
• Strategic Architect: Thinks beyond immediate risks to design long‑term, secure-by-design architectural patterns and guardrails. Anticipates evolving threat landscapes and embeds forward‑looking security roadmaps into platform, product, and engineering strategies. Balances innovation with risk governance to support the company’s scale-up trajectory.
• Unifier & Cross-Functional Influencer: Collaborates seamlessly with engineering, platform, operations, product, and risk teams to embed security into every stage of the lifecycle. Communicates complex technical concepts in clear, actionable terms that drive alignment and informed decision‑making. Builds trusted relationships that enable security to function as a business enabler, not a blocker.
• Data-Driven Decisiveness: Makes timely, well‑reasoned decisions grounded in quantitative data, threat intelligence, vulnerability metrics, and SOC insights. Prioritizes based on impact, exploitability, and business context. Leverages dashboards and analytics to shape recommendations, influence stakeholders, and track measurable improvements in security posture.
• Resilient Operator: Performs effectively in high‑pressure environments, especially during incidents, time‑sensitive remediations, and audits. Demonstrates composure, structured thinking, and clear communication in crisis situations. Persists through ambiguity and complexity, adapting quickly to shifting priorities while maintaining high standards of execution.
• Insatiable Curiosity: Continuously explores emerging technologies, threat vectors, and industry best practices—bringing fresh insights to improve security architecture and operations. Challenges assumptions and seeks innovative approaches to strengthen defenses, optimize tools, and automate processes. Demonstrates a strong learning mindset and desire to stay ahead of adversaries.
  
  

ABOUT AIA

For over a century, AIA has served the ever-changing needs of our customers across Asia-Pacific. Our Purpose to help millions of people live Healthier, Longer, Better Lives is at the heart of everything we do.

As pioneering innovators, we’re now transforming AIA to be faster, simpler and more connected to create better solutions and impactful experiences for our customers and communities. AIA encourages and enables our people to act with clarity, courage and humanity in service of our Purpose.

JOIN US

At AIA, we believe in empowering every one of our people to find their 'better' - in the work they do, the career they build, the life they live and the difference they make. Whether it’s investing better wellbeing, inspiring better learning, building better relationships, or making a better impact on customers, a career at AIA will challenge you to find new ways to pursue your ‘better’.

AIA is committed to building a vibrant, diverse, and inclusive workforce for all employees to thrive in. Join us if you believe in creating a better tomorrow!