Information Security Architect at Allianz Insurance

Hong Kong Island, Hong Kong, China -

Full Time

Start Date

Immediate

Expiry Date

28 Aug, 26

Salary

0.0

Posted On

30 May, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Security Architecture, Information Security Governance, Risk Management, Threat Modelling, Cloud Security, ISO 27001, NIST CSF, DORA, NIS2, Stakeholder Management, Control Design, AI Security, Audit Support, Regulatory Compliance, Security Frameworks, Information Security Management

Industry

Financial Services

Description

As Security Architecture you will ensures that the design, operation, and governance of technology and business architectures align with regulatory requirements and the evolving threat landscape. You will ensures that security is embedded end-to-end across systems, processes, and third-party interactions by defining standards, conducting architecture reviews, and supporting stakeholders in building secure solutions based on best practices. This role also drives the continuous development of the security architecture capability, translates risk and threat intelligence into actionable design decisions, and acts as a key interface between business, IT, and security teams. It enables informed, risk-based decision-making while managing complexity and ensuring alignment with enterprise architecture. What you will do Security Controls & Frameworks Contribute to the continuous development and improvement of AllianzGI’s global information security programme, including policies, standards, frameworks, processes, and toolsets. Ensure that information security best practices are consistently applied across regions, entities, and technology domains, including traditional IT and emerging technologies. Security Architecture Reviews & Risk Assessment Conduct security architecture and governance reviews for systems, applications, and initiatives based on industry best practices and regulatory expectations. Review solutions leveraging cloud-native services, advanced analytics, or AI-enabled components, with a focus on secure architecture, data protection, and control design. Opportunities to broaden expertise across security governance, architecture, risk management, and emerging technology use cases. Threat Modelling & Control Design Perform threat modelling for systems and applications in scope as a structured means of identifying and communicating security risks. Apply internationally recognised threat modelling and risk assessment frameworks. Contribute to the design and refinement of preventive and detective security controls, including those addressing data-driven and automated decision systems, where relevant. Oversight, Reporting & Governance Forums Prepare, moderate, and actively contribute to information security governance forums, steering committees, and status meetings. Provide clear and structured reporting on information security risks, control effectiveness, and key issues to senior management and governance bodies. Support decision-making by balancing regulatory expectations, risk perspectives, and business priorities. Audit, Assurance & Regional Oversight Act as a regional information security point of contact for internal and external auditors, risk management, and business partners. Support audit activities, examinations, and reviews, including those covering complex or innovative technology use cases. Take the lead in oversight activities across other regional AllianzGI entities and support the harmonisation of information security governance practices. Awareness, Enablement & Collaboration Support and contribute to global security awareness, training, and communication initiatives. Provide input on awareness topics related to the secure and responsible use of new technologies, including AI-supported systems, where applicable. Work closely with a distributed team of Information Security, IAM, and Cybersecurity professionals across Asia and Europe to ensure effective collaboration and consistent outcomes. What you bring Information Security Expertise Strong foundation in Information Security Management, including governance, risk management, and security architecture within a regulated environment. Relevant industry certifications (e.g., CISSP, CISM, CISA) are appreciated. Frameworks, Standards & Regulation Strong knowledge of information security frameworks and standards (e.g., ISO 27001/27005, NIST CSF) and regulatory requirements relevant to financial services (e.g., DORA, NIS2). Ability to interpret regulatory expectations and translate them into practical and auditable security controls and governance processes. Risk Assessment & Operationalisation Hands-on experience in developing actionable security policies, guidelines, operating procedures, and control testing methodologies. Experience in identifying and assessing security risks, including threat modelling based on internationally recognised frameworks. Solid understanding of the security implications of modern technology architectures, including cloud services, data platforms, and AI-enabled solutions, without requiring deep model or algorithm expertise. Stakeholder Management & Communication Strong communication and interpersonal skills, with the ability to explain complex security topics to non-technical stakeholders. Proven experience working with diverse, distributed, and international teams. Experience engaging with senior stakeholders, including executive management, boards, auditors, and regulators. Delivery & Way of Working Structured, reliable, and solution-oriented working style. Ability to balance multiple parallel priorities, communicate realistic timelines, and consistently deliver high-quality outcomes. Experience with Responsible AI, Security Architecture and Information Security Frameworks. Language Requirements Proficiency in English is essential. Additional language skills, such as German, Mandarin, or Cantonese, are a plus. What we offer Balanced work environment: A dynamic office culture that supports flexibility and collaboration Secure your future: Access to pension, retirement, and/or savings plans as applicable to the work location Shared success: Company share purchasing plan Support for what matters: Mental health and wellbeing programs Investments in your career: Career opportunities within the entire Allianz Group Investments in your skills: Comprehensive learning and development offerings, including certifications and professional qualifications … and so much more!

Responsibilities

The role focuses on designing and governing technology architectures to align with regulatory requirements and the evolving threat landscape. Key duties include conducting security architecture reviews, performing threat modelling, and managing security governance forums.