top of page

Security Architect - Asia Insurance Group

IT Security & Risk

3 January 2023

Hong Kong

Our client, a leading insurance group in Asia is looking for a Security Architect to comply with their increasing Cyber Security defense need. Great exposure and scale to work with one of the most prominent firms in the region.


  • Develop and maintain the cyber security architecture design, framework, roadmap, and policy.

  • Lead the technology assessment across cybersecurity including Session Security, Vulnerability/Pen Testing items, and Input Validation.

  • Lead the review of key digital applications and core IT systems including Authentication, Authorization, and Auditing.

  • Provide lead software delivery practices across design, delivery, and coaching.

  • Lead the design and build of security reference architecture and security blueprints.

  • Develop and maintain security architecture artifacts.

  • Act as a Security SME and review implementation design to the application and Infrastructure team, where it will meet the industry security standards.

  • Conduct Technical risk assessments to capture security exceptions and design associated compensating controls based on the assessment results.

  • Lead the infrastructure and application security framework and provide security assessments.

  • Work with other key Technology Leaders including Software, Data, and Infrastructure on Security standards and architecture design.


  • At least 8 years of experience in the Cyber Security space.

  • Experience in the Financial industry or major regional enterprise environment would be a great plus.

  • Ability to articulate security principles and security risks to non-technical business stakeholders.

  • Strong leadership experience in leading a delivery and architecture role.

  • Extensive knowledge of application, network, and platform security vulnerabilities. Ability to explain these vulnerabilities to developers.

  • Experience in designing and maintaining cyber security framework and policy, including network, application, endpoint, data, identity management, database and infrastructure, and container or cloud security.

  • Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness.

  • Good knowledge of Enterprise Architecture frameworks such as TOGAF, Zachman, etc.

  • Security Certificates in CISSP, CISM, or equivalent.

  • Exposure to Cloud, Network and automation infrastructure would be a great plus.

  • Excellent communication skills in English.

  • Bachelor's Degree in Computer Science or related field from a reputable University.

bottom of page