Who we are
American International Group, Inc. (AIG) is a leading global insurance organization. AIG member companies provide a wide range of property casualty insurance in approximately 70 countries and jurisdictions. These diverse offerings include products and services that help businesses and individuals protect their assets and manage risks. We’re also committed to making a positive difference for our colleagues and in the communities where we work and live. We encourage colleagues to give back to the causes they care most about, supporting these efforts through our Volunteer Time Off and Matching Grants Programs.
Get to know the business.
Information Technology
At AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Technology team equips our colleagues with the latest tools to complete their work efficiently and with the highest standards of excellence. The team is responsible for shielding the company’s systems from security risks, while designing technology strategies that enable AIG’s businesses to achieve their goals. AIG’s Information Technology functions include enterprise architecture, software and systems engineering, cybersecurity, and technology risk and compliance.
About the role
What you need to know:
The Security Advisory Lead is responsible for working directly with business colleagues, members of leadership, and IT staff to partner on IT security-related matters. This position focuses on the firm’s Vulnerability Disclosure Program, Control Effectiveness Testing program, and must have demonstrated experience in development of communications.
We want to hear from you today if you can:
· Provide security-related guidance and assistance to Business Unit IT project teams to establish security compliant designs for applications and controls
· Contribute to an industry leading Vulnerability Disclosure Program
· Perform, analyze, and report on manual control assessments (e.g. firewalls, anti-virus, and web proxy) with senior leaders, business colleagues, and regional entities
· Create high quality technical and non-technical writing deliverables
· Advocate corporate information security policy and procedure to internal and external clients, customers, users and staff
· Develop quality program metrics to measure program performance as well as enterprise risk.? This data must provide actionable intelligence to help drive and track progress of the security program.
· Perform other security related duties as requested
What we are looking for
· BS/BA in Information Systems, Engineering, Computer Science/MIS, or relevant experience with areas of focus in Technology, or Information Security required
· CRISC, CISSP, OSCP, and GIAC, or other relevant certification is desired; non-certified hires are encouraged to become certified within 1 year from the date of hire
· 7+ years or more experience in information security related positions
· Knowledge in evaluating OWASP top 10 web application and API vulnerabilities
· Hands-on experience with Burp Suite, SIEM tools, and/or Vulnerability Disclosure Programs preferred
· Ability to define solutions from ambiguous scenarios
· Monitor remediation activities through completion, and provide guidance where applicable
· Training and mentorship to other team members and early career security colleagues
· General knowledge of security auditing processes
· Excellent written and verbal communication skills
· Strong familiarity with security controls across multiple OSI domains
· Strong management and organizational skills
· Willing to be flexible and apply creative problem-solving skills to reduce risk to the firm while minimizing disruptions to the business
· Able to work independently and think outside the box to continue to grow and mature the organization’s security posture
· Strong storytelling and artifact creation for all audience levels
· Ability to deal diplomatically and effectively at all levels of the organization
· Strong knowledge of information security issues, trends and leading practices
· Solid understanding of information security projects and implementation
· Strong interpersonal and relationship management skills
For positions based in Jersey City, the base salary range is $81,000-$102,000. In addition, the position is eligible for a bonus in accordance with the terms of the applicable incentive plan. In addition, we’re proud to offer a range of competitive benefits, a summary of which can be viewed here: AIG Benefits Overview.
#LI-SE1
We're proud to offer a range of employee benefits and resources that help you protect what matters most - your health care, savings, financial protection and wellbeing. We provide a variety of leaves for personal, health, family and military needs. For example, our "Giving Back" program allows you to take up to 16 hours a year to volunteer in your community. Our global mental health and wellness days off provide all colleagues with a paid day off to focus on their mental health and wellbeing.
AIG Employee Services, Inc.