View All Jobs 159078

Senior Manager, Group Information Security Engineering (endpoint)

Lead the deployment of enterprise-wide endpoint security architecture and standards
Kuala Lumpur, Malaysia
Senior
yesterday
FWD

FWD

A pan-Asian insurance company offering life and medical insurance, general insurance, employee benefits, and financial planning services.

FWD IT Security Engineering Manager

FWD Group (1828.HK) is a pan-Asian life and health insurance business that serves approximately 34 million customers across 10 markets. FWD's customer-led and tech-enabled approach aims to deliver innovative propositions, easy-to-understand products and a simpler insurance experience. Established in 2013, the company operates in some of the fastest-growing insurance markets in the world with a vision of changing the way people feel about insurance. FWD Group is listed on the main board of the Hong Kong Stock Exchange under the stock code 1828. FWD Technology and Innovation Malaysia Sdn. Bhd., known as FWD TIM, was established in late 2019. Strategically located in Kuala Lumpur, FWD TIM serves as a pivotal shared service location within FWD Group, providing services to multiple markets across the Group.

Purpose

Drive FWD IT Security Engineering function as a SME for FWD Group and all Business Units in Asia Pacific. Define and partner with stakeholders in a multi-disciplined team structure, designing and implementing cloud security solutions to provide coverage across a variety of projects. Lead stakeholders' and vendors engagements and providing subject matter expertise to Business Units and engagement teams. Develop deep working relationships with senior executives across engagement teams. Responsible and execute large-scale project deliveries. Manage teams and mentor junior resources. Oversee infrastructure and microservices security architecture. Review the infrastructure & microservices design against different security regulatory, industry and internal standards such as PCI DSS and CSA Containers' security guidelines and identifying the necessary security architecture requirements for the same. Review the infrastructure & microservices network and data architecture and identifying the necessary security architecture requirements for the same. Ensure that final design addresses identified threats and countermeasures during threat modelling. Build knowledge capital through research and development and leveraging industry insights to deliver best of breed expertise to stakeholders. Lead the growth of cloud security practice across business units, project team and other stakeholders. Drive IT Security Engineering Initiatives and Projects definition and implementation, selection of solutions and architecture, as well as define operations framework and its continuous improvement.

Key Accountabilities

Managing and engineering endpoint protection solutions such as Microsoft Defender for Endpoint and CrowdStrike Falcon. Develop and enforce endpoint hardening standards, ensuring secure configurations are rolled out and maintained throughout the asset lifecycle. Align endpoint security initiatives with the broader Information Security strategic roadmap. Automate security operations using scripting languages (e.g., PowerShell, Python, KQL) to improve efficiency and consistency. Manage and maintain configuration scanning policies to ensure endpoints and servers adhere to security baselines (e.g., CIS Benchmarks, internal hardening standards). Collaborate with cross-functional teams to deliver endpoint security programs on time and within budget. Manage device control policies and ensure compliance with regulatory and internal standards. Support integration and policy enforcement through platforms like Microsoft Intune. Drive the successful delivery of network security projects, ensuring alignment with the Group Information Security strategies and business objectives. Drive awareness and support to Group IT Security, Group IT and Business Units IT, to understand the IT Security Solutions and Processes, as well as their implications across the organization. Drive IT Security Engineering Initiatives and Projects definition and implementation, selection of solutions and architecture, as well as define operations framework and its continuous improvement. Collaborate with cross-functional teams across Business Units to ensure consistent execution of security initiatives. Partner with the Head of IT Security Engineering and Group CISO, through tracking and reporting function, to ensure regular updates to management on the IT Security Engineering Program and risks. Provide technical leadership and mentorship to junior engineers and project teams. Continuously evaluate emerging technologies and recommend improvements to enhance the security infrastructure.

Key Performance Indicators

On Time on Budget delivery of key IT Security Engineering Program uplifts or deployments, aligned with Group IT Security roadmap. Support the Head of IT Security Engineering in continuous uplift of the IT Security Engineering program. Ensure IT Security Engineering Program across Business Units is carried out in alignment with the FWD business objectives and defined IT Security Plan timelines. Group IT Security Engineering Security Framework implementation and controls are delivered in a cost-effective way using processes and resources (including people and technologies) aligned with the FWD business goals. Group IT Security Engineering support and governance are provided for all Business Units. IT Security Engineering Program awareness is conducted when necessary. Doing things right, creating synergies for the overall FWD goals and objectives, along with a people first approach.

External & Internal Contacts

Head of IT Security Engineering, Group CISO, Business Units IT Security Teams, Group and Business Units Chief of Technology and Operations, Group and Business Units IT & Operations, Group and Business Units Internal Audit, External Auditors, Vendors and/or Service Providers.

Qualifications / Experience

Minimum 10 years working experience in IT Security Management role, preferably in Financial Services. Proven track record in delivering endpoint security projects and managing enterprise-grade solutions. Regional experience in IT Security Technical or Engineering roles. Strong analytical and problem-solving abilities with a proactive and collaborative mindset. Degree in Information Technology or equivalent discipline. Technical experience in Identify, Protect, Detect, Response or Recover areas. Good understanding of cloud environments and familiarity with how networks work in cloud environments.

Knowledge & Technical Skills

Possess relevant Information security and cloud related certifications. Relevant certification such as CISSP is a plus. Proficiency in scripting and automation tools to streamline security operations. Proven track records in designing and implementing endpoint security solutions. Excellent interpersonal and influential skills to enable the implementation and enforcement of the IT Security Engineering program. Good communication and presentation skills.

+ Show Original Job Post
Suggest a correction
























Senior Manager, Group Information Security Engineering (endpoint)
Kuala Lumpur, Malaysia
Engineering
Apply to job
About FWD
A pan-Asian insurance company offering life and medical insurance, general insurance, employee benefits, and financial planning services.