Responsibilities: Provide security advisory on solution architecture, business requirements, and security-related enquiries, including AI/ML use cases and network designs. Lead security architecture reviews to ensure systems, applications, AI services, and networks align with Group security policy and industry standards. Conduct security risk assessments on technology solutions and technical controls, covering application, infrastructure, AI/ML models and pipelines, and network exposures; define remediation plans and risk treatments. Ensure security in DevSecOps security, infrastructure and application security, including integrate security controls in CI/CD, IaC, containers/Kubernetes, service mesh/mTLS, secrets management, and vulnerability management. Support internal & external security audit/compliance assessments, and devise mitigation measures to address findings effectively Security Incident management and support 1st line to ensure timely detection, response, and resolution of security incidents. Periodically review and update security policies, standards, and operating procedures for control enhancement. Prepare management reports to Chief Security Officer & Management team. Qualifications: 4+ years of professional experience in information security, security risk management, or a related field. Bachelor’s or Master’s in Computer Science, Information Security, Engineering, or related field Strong understanding of cloud security principles and best practices, with hands-on experience securing cloud environments such as Azure and AWS. Knowledge of DevSecOps practices and application security, including secure coding standards, vulnerability assessments, and secure deployment methodologies. Strong threat modeling, secure design, and incident response skills; excellent communication and stakeholder management. Experience participating in or coordinating Red Team/Blue Team exercises, penetration testing, and threat intelligence simulations is a plus. Fluent in English, both verbal and written. Relevant certifications such as CISSP, CISA, OSCP, CEH, ISO 27001, cloud security certifications (AWS/Azure/GCP) or similar are advantageous. About AXA Hong Kong and Macau AXA Hong Kong and Macau is a member of the AXA Group, a leading global insurer with presence in 50 markets and serving 95 million customers worldwide. Our purpose is to act for human progress by protecting what matters. As one of the most diversified insurers in Hong Kong, we offer integrated solutions across Life, Health and General Insurance. We are the largest General Insurance provider and a major Health and Employee Benefits provider. Our aim is to not only be the insurer to provide comprehensive protection to our customers, but also a holistic partner to the individuals, businesses and community we serve. At the core of our service commitment is continuous product & service innovation and customer experience enrichment, which is achieved through actively listening to our customers’ needs and leveraging and investing in technology and digital transformation. We embrace our responsibility to be a driving force against climate change and a force for good to create shared value for our community. We are proud to be the first to address the importance of mental health through different products and services and thought leading iconic research. Our overall Sustainability Strategy, with emphasis on climate strategy and biodiversity commitment, is developed based on TCFD recommendations. We are committed to integrating environmental, social and governance factors across our business and strive to contribute to a sustainable future through 3 distinct roles - as an investor, an insurer and an exemplary company. AXA is an equal opportunity employer. We are committed to promoting Diversity and Inclusion (D&I) by creating a work environment where all employees are treated with dignity, respect, and where individual differences are valued. We welcome and treasure diverse profiles to join our big family, and to build an inclusive culture together which allows everyone to maximise their personal potential. Our people strategies are designed to enhance employee well-being and professional growth, ultimately empowering them to excel within the company. Click here to learn more about our Benefits (https://www.axa.com.hk/en/benefits) , Culture (https://www.axa.com.hk/en/culture-and-values), & Career Development (https://www.axa.com.hk/en/career-development).