JoBuzzerJoBuzzer
AIA logo

Senior Manager, Digital Security

AIA
Malaysia·Cyberjaya·Selangor·Kuala Lumpur·Full Time·Remote·Cybersecurity·Manager
Search on LinkedIn ↗

Summary

AIA Digital+ is seeking a Senior Manager, Digital Security to provide global leadership for endpoint security, including EDR/AV and hardening across Windows, Linux, and cloud. This role involves strategy, engineering, operations, and integration with security tools like SIEM/SOAR. Responsibilities include managing security technologies, ensuring high tool health, collaborating with SOC/IR teams, and driving continuous service improvement. The position requires defining and tracking KPIs, managing vendors, and providing technical mentorship. Experience with Microsoft Intune, GPO, and CIS benchmarks is expected. The goal is to reduce endpoint risk while maintaining user productivity.

Required Skills

Endpoint SecuritySIEMSOAREDRMicrosoft Intune

Details

Experience Required
5+ years
Posted
~Jun 29, 2026

Description

Are you ready to shape a better tomorrow?

AIA Digital+ is a Technology, Digital and Analytics innovation hub dedicated to powering AIA to be more efficient, connected and innovative as it fulfils its Purpose to help millions of people across Asia-Pacific live Healthier, Longer, Better Lives.

If you are hungry and driven to play an active role in shaping a better tomorrow, we want to hear from you. Because the work we do at AIA Digital+ makes a difference in the lives of millions of people, every day. We will equip you with the critical skills, tools and technology, and endless opportunities to learn, contribute and thrive in a dynamic and exciting environment.

If you want to shape a brighter future at AIA Digital+, please read on.

About the Role

Provide technical and operational leadership for AIA’s global endpoint security capability—owning the strategy, engineering standards, and day-to-day governance of EDR/AV and endpoint hardening controls across Windows, Linux, and cloud workloads. Ensure high tool health and coverage, accelerate detection and response outcomes through SIEM/SOAR integrations and automation, and partner with SOC/IR, workplace/infra teams, and business stakeholders to reduce endpoint risk while maintaining user productivity.

1. Strategy, Architecture & Governance

  • Own and drive the global endpoint security product strategy and roadmap, covering EDR/AV, exploit mitigation, device control, host firewall, and application control.
  • Align endpoint security capabilities with enterprise security architecture, regulatory requirements, and business priorities.
  • Define and enforce governance models for policy management, exception handling, and risk acceptance, including approval workflows and periodic reviews.
  • Evaluate emerging threats, platform changes, and new security capabilities, recommending strategic enhancements with clear risk vs. value trade-offs.

2. Engineering & Security Architecture

  • Lead the engineering design and implementation of endpoint security controls across:
    • Microsoft Intune
    • Group Policy Objects (GPO)
    • Configuration management platforms
  • Define and maintain standardized security baselines and hardening guidelines, including reusable configurations and gold images aligned to CIS benchmarks.
  • Establish controls for exception management, configuration drift monitoring, and compliance enforcement.
  • Expand and strengthen endpoint runtime protection and agent guardrails to enhance resilience.

3. Endpoint Protection & Platform Management

  • Manage and optimize endpoint security technologies, including:
    • Antivirus / EDR / HIPS
    • Device control and application control
    • Host-based firewall and exploit protection
  • Ensure effective security coverage across:
    • User endpoints
    • Servers
    • Cloud workloads
  • Drive agent lifecycle management, including packaging, deployment, upgrades, health monitoring, and decommissioning.
  • Achieve and maintain ≥90% deployment and compliance posture across all regions and business units.

4. Security Operations & ITIL Service Ownership

  • Own and operate endpoint security as a critical ITIL-aligned service, including:
    • Incident triage and escalation
    • Problem management and root cause analysis
    • Major incident participation
    • Change governance and release management
  • Drive continuous service improvement (CSI) initiatives to enhance service reliability, performance, and user experience.
  • Troubleshoot and resolve complex endpoint security issues, ensuring effective stakeholder communication.

5. Threat Detection, Response & SOC Integration

  • Collaborate closely with SOC and Incident Response teams to:
    • Enhance detection use cases and analytics
    • Improve response playbooks and automation
    • Optimize containment actions (e.g., host isolation, process termination, file quarantine)
  • Drive improvements in Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) for endpoint-related incidents.

6. Data, SIEM & Analytics Integration

  • Lead integration of endpoint telemetry into SIEM and analytics platforms, ensuring:
    • Reliable log collection pipelines
    • Data normalization and enrichment
    • Scalable reporting and threat analytics
  • Enable data-driven visibility and reporting for leadership and operational teams.

7. Integration with Enterprise Security Ecosystem

  • Drive integration of endpoint platforms with adjacent security controls, including:
    • Email and threat gateways (e.g., Proofpoint, Exchange Online Protection)
    • Secure web gateways and ZTNA solutions (e.g., Zscaler)
  • Improve end-to-end threat prevention, detection, and response capabilities across multiple security layers.

8. Vulnerability & Exposure Management

  • Partner with patching and vulnerability teams to:
    • Drive remediation prioritization
    • Reduce attack surface through secure configurations
  • Align endpoint security posture with industry frameworks, such as:
    • CIS Benchmarks
    • MITRE ATT&CK framework

9. Performance Management, Reporting & Governance

  • Define and track service KPIs, SLAs, and compliance metrics.
  • Develop dashboards and operational reports for leadership and regional stakeholders.
  • Conduct regular service reviews to drive improvements in:
    • Adoption
    • Stability
    • Coverage
    • User experience

10. Vendor & Stakeholder Management

  • Manage endpoint security vendors and managed service providers, including:
    • Contract governance and performance management
    • Roadmap influence and feature enhancements
    • Cost optimization
  • Engage with regional/in-country stakeholders to ensure alignment and compliance targets are met.

11. Leadership & Capability Development

  • Provide technical leadership, mentorship, and coaching to engineers and analysts.
  • Develop and maintain:
    • Standard operating procedures (SOPs)
    • Runbooks and playbooks
    • Knowledge base articles
  • Build scalable capabilities to support consistent global service delivery.

12. Continuous Improvement & Innovation

  • Monitor industry trends, emerging threats, and technology advancements across Windows, Linux, macOS, and cloud platforms.
  • Identify and implement feature enhancements and operational improvements.
  • Drive innovation to continuously strengthen endpoint security maturity and resilience.

Build a career with us as we help our customers and the community live healthier, longer, better lives.

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.