AIA Digital+ Hiring! Full Time Assistant Manager, Security - Cloud Architect (SG Technology Centre) in Federal Territory - Ricebowl

Position Objective

We are seeking an Assistant Manager, Security & Cloud Architect under Singapore Technology Centre with strong hands‑on experience in designing and reviewing secure, cloud‑native solutions across interconnected applications, platforms, and infrastructure. The role provides security architecture leadership and advisory support covering application security, identity and access management, data protection, cryptographic controls, compliance, and the secure adoption of emerging technologies such as Generative AI (GenAI) and Large Language Models (LLMs).

This position partners closely with architecture, engineering, and delivery teams to perform security design reviews, architecture assessments, and risk‑based advisory for strategic digital initiatives—ensuring solutions enable business growth while maintaining a strong security and regulatory posture.

Key Responsibilities

Secure Solution Design & Technical Direction

• Lead security‑focused design of cloud solutions across application, integration, data, and infrastructure layers (Azure‑centric).
• Shape and evolve reference architectures and secure design patterns aligned to enterprise and Group standards.
• Produce and maintain key architecture deliverables (e.g. SAD, HLD) with clear security considerations and design decisions.

Cloud Application Security & Identity

• Design and review authentication and authorization models for cloud applications, ensuring strong access control, token handling, session management, cryptography, and data protection.
• Assess security implications of new or changed applications, tools, and platforms, including impact to existing architectures.
• Embed secure‑by‑design principles across APIs, integrations, and middleware components.

Emerging Technology & GenAI Security

• Provide security architecture input and assessment for solutions leveraging GenAI, LLMs, and machine‑learning technologies.
• Identify and address GenAI‑specific risks such as prompt injection, insecure outputs, model abuse, data poisoning, and sensitive data exposure.
• Apply OWASP Top 10 for LLM Applications and/or OWASP Top 10 for Machine Learning Security Risks when conducting design reviews and security assessments.
• Establish guardrails for LLM usage, including validation, access restriction, monitoring, data boundaries, and human‑oversight controls.
• Support responsible and compliant GenAI adoption aligned with enterprise risk, privacy, and regulatory expectations.

Security Architecture Execution & Improvement

• Implement and continuously enhance cloud security architecture and controls.
• Drive automation of security checks and controls across delivery pipelines and operational processes.
• Monitor evolving threats, vulnerabilities, and industry practices to improve the organisation’s security posture.

Risk, Compliance & Architecture Assurance

• Perform threat modelling, risk assessments, and security impact analysis for new and existing solutions.
• Contribute to Architecture Review Board (ARB) discussions and provide architectural assurance against standards, policies, and roadmaps.
• Ensure compliance with internal IT policies, regulatory requirements, and industry standards (e.g. NIST, PCI DSS).
• Support Local Information Security (LIS) activities related to audits, compliance reviews, and control validation.

Delivery Partnership & Advisory

• Work closely with enterprise architects, developers, DevOps teams, and vendors throughout delivery lifecycles.
• Provide practical guidance to resolve security design and implementation challenges.
• Communicate security risks and trade‑offs clearly to technical and business stakeholders, including senior leadership.

Capability Building & Enablement

• Act as the security architecture subject matter expert across cloud, application, and GenAI‑enabled solutions.
• Mentor junior team members and promote secure design awareness across IT and business teams.
• Facilitate balanced discussions where business needs, innovation, and security standards intersect.

Minimum Requirements

Education

• Bachelor’s degree in Computer Science, Information Security, Software/Computer Engineering, Enterprise/Solution Architecture, or related discipline.

Experience

• 8+ years in solution and/or security architecture roles (10–15 years preferred for senior profiles).
• 5+ years hands‑on experience in cloud and application security architecture (IaaS / PaaS / SaaS).
• Experience delivering secure digital solutions within financial services or insurance environments (preferred).
• Exposure to API‑based architectures, microservices, event‑driven integration, and DevSecOps practices.

Security & Technology Expertise

• Strong understanding of security frameworks such as ISO/IEC 27001, NIST, and COBIT; familiarity with PDPA, GDPR, and PCI DSS where applicable.
• Deep knowledge of identity and access management, data protection, cryptographic controls, and cloud security (Azure preferred).
• Working knowledge of CI/CD pipelines, infrastructure‑as‑code, and operational security guardrails.
• Awareness or hands‑on experience securing GenAI / LLM‑enabled applications, including prompt safety and data governance.
• Familiarity with OWASP Top 10 for LLM Applications and/or OWASP Top 10 for Machine Learning Security Risks.

Professional Attributes

• Strong communication skills with the ability to translate complex security topics into business‑relevant language.
• Analytical, pragmatic, and decisive with a collaborative mindset and strong ownership.

Certifications (Preferred)

• Security / Cloud: CISSP, CCSP, CISM, SABSA, Azure Solutions Architect, Azure DevOps.
• Architecture / Governance (nice to have): TOGAF, IASA.
• GenAI / AI security‑related training or experience (must).

*Applicants must be willing to adhere to Singapore Public Holiday schedule.