Senior IT Security and Infrastructure Support Lead

About FWD Group

FWD Group (1828.HK) is a pan-Asian life and health insurance business that serves approximately 34 million customers across 10 markets, including BRI Life in Indonesia. FWD’s customer-led and tech-enabled approach aims to deliver innovative propositions, easy-to-understand products and a simpler insurance experience. Established in 2013, the company operates in some of the fastest-growing insurance markets in the world with a vision of changing the way people feel about insurance. FWD Group is listed on the main board of the Hong Kong Stock Exchange under the stock code 1828.

For more information, please visit www.fwd.com

For more information about FWD Cambodia, please visit www.fwd.com.kh.

The role is responsible for driving and ensuring the successful implementation of the Information Security Program by addressing security risks and recommending appropriate controls aligned with FWD’s standards and policies. It involves close collaboration across multiple teams within Group Technology and business functions to maintain a consistent and resilient security landscape. Additionally, the role serves as a trusted advisor to business stakeholders, offering guidance on information security processes and controls to effectively mitigate risks.

Key Responsibilities:

• Work closely with business stakeholders to understand business strategy and Information Security needs and propose appropriate Information security solutions in line with the Group Information Security Policies and Standards.
• Drive and ensure “security by design” is embedded in the BU IT projects and IT software development lifecycle and guide the project team to undergo the required Information Security tollgates.
• Guide Technology and Business project teams on the expected IT/Information security deliverables in all cloud adoption initiatives.
• Manage vulnerabilities, security deficiencies and non-compliance by identifying the risk, assessing to determine the risk level, working with respective teams on risk treatment and closely monitor the risk area regularly.
• Actively work with business functions to identify security gaps and recommend measures to strengthen the overall security posture.
• Perform other tasks as assigned by the manager