IT Security and Operation, Specialist

FIND YOUR 'BETTER' AT Blue Care We don’t simply believe in being ‘The Best’. We believe in better - because there’s no limit to how far ‘better’ can take us. We believe in empowering every one of our people to find their 'better' - in the work they do, the career they build, the life they live and the difference they make. So that together we can support even more people - including our own - to live Healthier, Longer, Better Lives. If you believe in better, we’d love to hear from you. About the Role This Specialist will act as the primary contact between the Group Cybersecurity Team and internal teams, ensuring efficient communication, incident tracking, and resolution facilitation. This Specialist will be responsible to the implementation and execution of information security management governance programmes with the alignment of the Group Information Security’s strategic direction. Additionally, this Specialist will be responsible for firewall rule reviews and Web Application Firewall (WAF) support, ensuring secure configurations and compliance with security policies. The position requires availability for non-office hours to handle urgent security incidents.Roles and Responsibilities: BAU Operations (40%) Work with Group and local Risk team to handle Third Party Risk Management Work on Third Party Security Assessment for both internal and external parties Work with Group Information Security team to handle the issue reported at Weekly Security Dashboard Firewall Rule Review: Review and validate firewall rule change requests to ensure security compliance. Work with IT teams to optimize firewall rules and reduce unnecessary access. Web Application Firewall (WAF) Support: Assist in managing and tuning WAF policies to protect web applications. Support troubleshooting and resolving WAF-related issues. Support audits, compliance, risk assessments and continuous security improvements. Security Operations (40%) Be the local SME on products and solutions offered by Group Information Security and follow up with them on all related issues In charge of the annual recertifications of both local and Group-wide programs across all departments Work with application teams to document and onboard new applications to strategic solutions offered by Group Information Security Partner with Group Information Security to maintain local specific security configurations Automate the data generation and reconcile the inventory for management reporting Work on information preparation for audit requests Cyber Hygiene (20%) Execute the governance programs on security healthiness of IT assets such as applications, servers, databases, workstations, LAN ID, PIDs, etc. Prepare the issue report for management attention Drive the remediation of all information security issues Minimum Job Requirements: Bachelor’s Degree, preferred in Computer Science, Information System or related disciplines Minimum 3 years of working experience in Information Security management, or relevant control functions in financial field. Familiarize with Information Security management and regulatory requirements. Previous IT risk control or audit experience, and project management are preferable. Able to work independently, handle and manage tasks with tight deadlines. Excellent presentation and communication skills. Support ad-hoc tasks and assignments from the supervisor, including project-related security reviews or urgent security requests. Certified with CISSP, CISA or CISM will be an advantage. Experience in a multinational or regional security team is a plus. Others: You are required to obtain the relevant license(s) if your job involves regulated activities Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives. You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date. At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone. It's about finding new ways to not only better people's lives, but to better the communities and environments we live in. As the largest listed company on the Hong Kong Stock Exchange, we’ve been proudly making a difference for people and communities across Asia for over a century. And we build on this every day with our ambition to engage one billion people to live Healthier, Longer, Better Lives by 2030. If you work at AIA, you play an important part in this movement. Which is why we give you every opportunity to learn, grow and shape your career - your way. Inspiring and supporting you to thrive - not just at work, but in life. Believe in better with AIA. View our AIA LinkedIn page Bring your difference to AIA