Application Security Engineer

At AIG, we are reimagining the way we help customers to manage risk. Join us as a Junior Application Security Engineer to play your part in that transformation. It’s an opportunity to grow your skills and experience as a valued member of the team.

Make your mark in Global Business Operations & IT

As a world leader in commercial and personal insurance solutions operating in over 70 countries and jurisdictions, AIG’s Global Business Operations & IT team identifies and drives high-quality innovation and cost efficiency in all our processes, systems and operations. The organization ensures we operate as one globally consistent business delivering end-to-end services locally that contribute to our customers’ and AIG’s success.

The Junior Application Security Engineer is an integral part of the Information Security Team.

How you will create an impact

• Help pilot, implement and operate an AI tool/service to drive continuous application penetration test automation. The implementation of AI tool/service to drive application penetration testing will enable scaling penetration testing for all applications going through SDLC at a reduced cost and help reduce cyber risk for AIG.

• Support the Lab that is used to drive security assessments and penetration testing by Cyber Threat Management (CTM) Teams.

• Assist in protecting applications, data, and systems by reducing security risks in custom and third-party software applications.

• Has a good understanding of application security weaknesses for various technologies including web applications, databases, and multi-tier applications.

• Knowledge of OWASP Top 10 and SANS TOP 25 vulnerabilities and remediation practices associated with each category.

• Use manual techniques and automated tools to analyze applications and source code to identify vulnerabilities, triage results, and provide mitigation plans for discovered risks.

• Assist lead analysts/engineers in analyzing the security of applications and their underlying services, integrating security touchpoints into all phases of the software development life cycle, and fostering a security mindset within development teams.

What you’ll need to succeed

• Development experience - application\software programming required (2+ years’ experience).

• A good understanding of application security weaknesses for various technologies including web applications, databases, and multi-tier applications is required.

• A good understanding of how Active Directory works regarding user and on a computer objects, as well as Groups, permissions, and inheritance

• Knowledge of application security testing tools such as Burp Suite, OWASP ZAP, Metasploit, PowerSploit, etc.

• Ability to review source code and explain mitigation controls within source code for languages including, JAVA, .Net, Python, HTML, etc.

• Ability to review, modify and create scripts for automating tasks using languages such as Python, Go, Powershell, etc.

• Up to date knowledge of the security landscape pertaining to new technologies.

• Ability to positively influence the behavior of peers and build relationships with other teams.

• Self-starter, ability to work independently with minimal supervision and as part of a team.

• Highly adaptable, and able to pivot rapidly to meet emerging threats/organizational needs.

• Any of the following certifications: CISSP, GIAC GSSP, CET, OSCP, OSCE, etc. is ideal

Ready to make a bigger impact? We look forward to receiving your application.

At AIG, we value in-person collaboration as a vital part of our culture, which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive, connected environment for our team and clients alike.

Enjoy benefits that take care of what matters

At AIG, our people are our greatest asset. We know how important it is to protect and invest in what’s most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security—as well as your professional development—to bring peace of mind to you and your family.

Reimagining insurance to make a bigger difference to the world

American International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world’s most far-reaching property casualty networks. It is an exciting time to join us — across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them to manage risk, respond to times of uncertainty and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become.

Welcome to a culture of inclusion

We’re committed to creating a culture that truly respects and celebrates each other’s talents, backgrounds, cultures, opinions and goals. We foster a culture of inclusion and belonging through learning, cultural awareness activities and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone for our culture of inclusion. The talent of our people is one of AIG’s greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.

AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.

AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities.  If you believe you need a reasonable accommodation, please send an email to candidatecare@aig.com.  

Functional Area:

IT - Information Technology

AIG Employee Services, Inc.