Chief Security Information Officer, Malaysia

Chief Security Information Officer, CISO, Malaysia At AIG, we are reimagining the way we help customers manage risk. Join us as a Chief Security Information Officer, Malaysia, to play your part in that transformation. It’s an opportunity to grow your skills and experience as a valued member of the team. Make your mark in IT At AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Technology team equips our colleagues with the latest tools to complete their work efficiently and with the highest standards of excellence. The team is responsible for shielding the company’s systems from security risks while designing technology strategies that enable AIG’s businesses to achieve their goals. AIG’s Information Technology functions include enterprise architecture, software and systems engineering, cybersecurity, and technology risk and compliance. The Malaysia CISO will support the business and region by understanding key business processes and critical systems. They will identify specific security needs and drive completion of projects and adoption of security procedures, policies, and standards. Job Description Key Job Responsibilities: - Responsible for providing security leadership, advice, and counsel to executive management teams on security policy and practices; identifies exposures and threats and drives corrective plans based on risk. - Implement the company’s information security strategy across the business environments. - Ensure the enterprise information security architecture and roadmaps are implemented and meet both business and information security objectives. - Identify and understand key business processes, systems, and specific security needs critical to the Business Unit, and ensure they are incorporated into the overall cybersecurity strategy. - Help develop business cases, secure leadership sponsorship, and drive adoption and implementation of security projects and programs. - Support the business in its compliance with Malaysia Risk Management in Technology (RMiT) or any other relevant regulatory guidelines/standards issued by the local regulator. - Help formulate and facilitate the effective implementation of relevant technology risk/information security standards required by the respective regulators (e.g., RMiT Technology Risk Management Framework, and Cyber Resilience Framework) for the local entity. - Ensure security projects and activities are prioritized based on risk to the business unit; work with the leadership team to develop risk management programs to ensure the confidentiality, integrity, and availability of information owned, controlled, or processed by the company. - Support anticipating, identifying, and deterring cyber-based attacks against AIG and its business operations, employees, and subsidiaries. - Provide support to the central team developing threat response and risk mitigation plans, including input into scenarios that involve invoking countermeasures and containment strategies. - Ensure security issues are addressed with timely, appropriate responses to minimize the impact on the company, its assets, customers, or reputation. - Monitor and evaluate risk performance metrics on key security issues and programs, recommend corrective action programs as appropriate, and drive remediation items to completion. - Actively contribute to matters discussed at management committees (e.g., risk committee meetings, Board of Directors meetings) where information security is an invitee or a member, and where relevant, provide inputs on matters under the information security purview. - Remain current on constantly emerging cybersecurity and geopolitical threats to ensure continual protection of the company’s assets, information, and reputation while ensuring the balance between risk posture and business agility. What we’re looking for: Requirements: - Prior experience leading mid-size information security teams with a strong track record of success in complex environments. - 15+ years of full-time related work experience in information security management and/or related functions (such as Technology Risk Management). - At least 3 years holding a senior security leadership position at a company. - Ability to communicate information security risks effectively in business terms at all levels of the organization. - Experience in the financial or insurance industry preferred, with an in-depth understanding of the relevant local regulatory requirements. - Information security-related certifications such as SANS, ISC2, ISACA, ISO 27001 will be desirable. - Trustworthy, proactive, and takes leadership, with high standards of personal integrity. - Typically also possesses a background in technical IT roles such as security architecture, technology risk and governance, or cybersecurity strategy—with overarching information security oversight. - Knowledge of security metrics and Key Security Risk indicators and how to implement them. - Ability to work locally without the need for visa/work permit sponsorship. #LI-SK1 At AIG, we value in-person collaboration as a vital part of our culture, which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive, connected environment for our team and clients alike. Enjoy benefits that take care of what matters: At AIG, our people are our greatest asset. We know how important it is to protect and invest in what’s most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing, and financial security—as well as your professional development—to bring peace of mind to you and your family. Reimagining insurance to make a bigger difference to the world American International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world’s most far-reaching property casualty networks. It is an exciting time to join us—across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them manage risk, respond to times of uncertainty, and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become. Welcome to a culture of inclusion We’re committed to creating a culture that truly respects and celebrates each other’s talents, backgrounds, cultures, opinions, and goals. We foster a culture of inclusion and belonging through learning, cultural awareness activities, and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone of our culture of inclusion. The talent of our people is one of AIG’s greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations. AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability, or any other legally protected categories. AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities. If you believe you need a reasonable accommodation, please send an email to candidatecare@aig.com. Functional Area: IT - Information Technology AIG Technologies (Malaysia) Sdn Bhd