IT Security Advisory Lead

Who we are

American International Group, Inc. (AIG) is a leading global insurance organization. AIG member companies provide a wide range of property casualty insurance in approximately 70 countries and jurisdictions. These diverse offerings include products and services that help businesses and individuals protect their assets and manage risks. We’re also committed to making a positive difference for our colleagues and in the communities where we work and live. We encourage colleagues to give back to the causes they care most about, supporting these efforts through our Volunteer Time Off and Matching Grants Programs.

Get to know the business.

Information Technology

At AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Technology team equips our colleagues with the latest tools to complete their work efficiently and with the highest standards of excellence. The team is responsible for shielding the company’s systems from security risks, while designing technology strategies that enable AIG’s businesses to achieve their goals. AIG’s Information Technology functions include enterprise architecture, software and systems engineering, cybersecurity, and technology risk and compliance.

About the role

What you need to know:

The Security Advisory Lead is responsible for working directly with business colleagues, members of leadership, and IT staff to partner on IT security-related matters. This position focuses on the firm’s Vulnerability Disclosure Program, Control Effectiveness Testing program, and must have demonstrated experience in development of communications. 

We want to hear from you today if you can: 

·       Provide security-related guidance and assistance to Business Unit IT project teams to establish security compliant designs for applications and controls 

·       Contribute to an industry leading Vulnerability Disclosure Program 

·       Perform, analyze, and report on manual control assessments (e.g. firewalls, anti-virus, and web proxy) with senior leaders, business colleagues, and regional entities 

·       Create high quality technical and non-technical writing deliverables  

·       Advocate corporate information security policy and procedure to internal and external clients, customers, users and staff 

·       Develop quality program metrics to measure program performance as well as enterprise risk.  This data must provide actionable intelligence to help drive and track progress of the security program. 

·       Perform other security related duties as requested 

What we are looking for 

·       BS/BA in Information Systems, Engineering, Computer Science/MIS, or relevant experience with areas of focus in Technology, or Information Security required 

·       CRISC, CISSP, OSCP, and GIAC, or other relevant certification is desired; non-certified hires are encouraged to become certified within 1 year from the date of hire 

·       7+ years or more experience in information security related positions 

·       Knowledge in evaluating OWASP top 10 web application and API vulnerabilities 

·       Hands-on experience with Burp Suite, SIEM tools, and/or Vulnerability Disclosure Programs preferred 

·       Ability to define solutions from ambiguous scenarios 

·       Monitor remediation activities through completion, and provide guidance where applicable 

·       Training and mentorship to other team members and early career security colleagues 

·       General knowledge of security auditing processes 

·       Excellent written and verbal communication skills 

·       Strong familiarity with security controls across multiple OSI domains 

·       Strong management and organizational skills 

·       Willing to be flexible and apply creative problem-solving skills to reduce risk to the firm while minimizing disruptions to the business 

·       Able to work independently and think outside the box to continue to grow and mature the organization’s security posture        

·       Strong storytelling and artifact creation for all audience levels 

·       Ability to deal diplomatically and effectively at all levels of the organization 

·       Strong knowledge of information security issues, trends and leading practices 

·       Solid understanding of information security projects and implementation 

·       Strong interpersonal and relationship management skills 

For positions based in Jersey City, the base salary range is $93,000-$138,000.  In addition, the position is eligible for a bonus in accordance with the terms of the applicable incentive plan.   In addition, we’re proud to offer a range of competitive benefits, a summary of which can be viewed here: New_Hire_Benefits_Overview_202.pdf (sprinklr.com)

#LI-CN1

Enjoy benefits that take care of what matters

At AIG, our people are our greatest asset. We know how important it is to protect and invest in what’s most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security—as well as your professional development—to bring peace of mind to you and your family.

Reimagining insurance to make a bigger difference to the world

American International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world’s most far-reaching property casualty networks. It is an exciting time to join us — across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them to manage risk, respond to times of uncertainty and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become.

Welcome to a culture of belonging

We’re committed to creating a culture that truly respects and celebrates each other’s talents, backgrounds, cultures, opinions and goals. We foster a culture of inclusion and belonging through our flexible work arrangements, diversity and inclusion learning, cultural awareness activities and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone for our culture of inclusion. The diversity of our people is one of AIG’s greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.

AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.

AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities.  If you believe you need a reasonable accommodation, please send an email to candidatecare@aig.com.  

Functional Area:

IT - Information Technology

Estimated Travel Percentage (%): Up to 25%

Relocation Provided: No

AIG Employee Services, Inc.