Vice President, Security Remediation
Who we are
American International Group, Inc. (AIG) is a leading global insurance organization. Building on 100 years of experience, today AIG member companies provide a wide range of property casualty insurance, life insurance, retirement solutions, and other financial services to customers in more than 80 countries and jurisdictions. These diverse offerings include products and services that help businesses and individuals protect their assets, manage risks and provide for retirement security.
At AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Technology team equips our employees with the latest tools to complete their work efficiently and with the highest standards of excellence. The team is responsible for shielding the company’s systems from security risks, while designing technology strategies that enable AIG’s businesses to achieve their goals. AIG’s Information Technology functions include application development and management, enterprise architecture, and technology risk and compliance.
About the role
The Security Remediation Team’s mission is to reduce enterprise risk by identifying, analyzing, reporting and governing remediation/mitigation of IT security vulnerabilities across AIG’s portfolio of IT assets and IT-enabled processes.
What you need to know:
This position, within AIG’s Security Remediation Team, has a primary focus to improve risk modeling/measurement and treatment prioritization including through the specific responsibilities laid out hereunder.
Responsibilities will include:
- Improve and extend current risk measurement and triage/prioritization models
- Identify areas lacking coverage and implement new controls to identify and/or reduce associated risks
- Collaborate with data quality lead to identify and prioritize new data quality controls and workflows
- collaborate on event management and treatment of emergent vulnerabilities
- engage with peers in IT architecture and operations, security architecture, red team, effectiveness testing team, hunt team, CTI team, SOC, and other teams to identify and pursue additional opportunities for improvement
- collaborate with data integration/analytics team to improve the data representation and associated use cases
- lead special projects to remediate particular key systemic risks
What we’re looking for:
- 10+ years of IT systems engineering or IT security engineering experience
- Proven experience in security engineering and in hands-on red or purple teaming disciplines involving technical exploitation of systems and processes
- Enumeration and exploitation experience (including privilege escalation, lateral movement, persistence) in at least two of the following areas:
- Infrastructure (including management/compute/storage), IoT, network devices
- Azure Directory
- Windows network operating system and Windows binaries
- Kubernetes, Lambda, Linux
- Experience in control detection and evasion and/or deceptive controls a plus
- AWS dev/sec/ops experience a plus
- Risk management experience a plus
- Strong communicator, both verbal and written
- Commitment to advancing skills in the IT risk/security field
- Demonstrated success leveraging scripting and automation skills to improve IT processes and workflows
- Excellent problem-solving abilities and analytical mindset
- Demonstrated understanding of computer engineering fundamentals including familiarity with common offensive and defensive tactics
- Proven success in challenging operational environments including dealing with change, ambiguity and competing priorities
- Familiarity with IP stack and related protocols a must
- Experience in one or more of Linux, Windows, Active Directory, Azure Directory, O365
- Familiarity with one or more of Splunk, Crowdstrike, Qualys, Nessus/Tenable is a plus
- Familiarity with data integration systems and concepts is a plus
- Incident handling/response, malware analysis, adversarial emulation, and offensive skills are a plus
- OSCP certification or equivalent demonstrated skills required
- OSWE or OSCE certifications or equivalent demonstrated skills are a strong plus
For positions based in NYC, the base salary range is $115,000 - $170,000. For positions based in Jersey City, the base salary range is $123,000-$163,000 . In addition, the position is eligible for a bonus in accordance with the terms of the applicable incentive plan. In addition, we’re proud to offer a range of competitive benefits, a summary of which can be viewed here:
*** veterans are encouraged ***
A look at our Benefits
We're proud to offer a range of employee benefits and resources that help you protect what matters most - your health care, savings, financial protection and wellbeing. We provide a variety of leaves for personal, health, family and military needs. For example, our "Giving Back" program allows you to take up to 16 hours a year to volunteer in your community. Our global mental health and wellness days off provide all colleagues with a paid day off to focus on their mental health and wellbeing.
We also believe in fostering our colleagues' development and offer a range of learning opportunities for colleagues to hone their professional skills to position themselves for the next steps of their careers. We have a tuition reimbursement program for eligible colleagues to enhance their education, skills, and knowledge in areas that relate to their current position or future positions to which they may transfer or progress.
We are an Equal Opportunity Employer
American International Group, Inc., its subsidiaries and affiliates are committed to be an Equal Opportunity Employer and its policies and procedures reflect this commitment. We provide equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories such as sexual orientation. At AIG, we believe that diversity and inclusion are critical to our future and our mission – creating a foundation for a creative workplace that leads to innovation, growth, and profitability. Through a wide variety of programs and initiatives, we invest in each employee, seeking to ensure that our people are not only respected as individuals, but also truly valued for their unique perspectives.
AIG is committed to working with and providing reasonable accommodations to job applicants and employees with physical or mental disabilities. If you believe you need a reasonable accommodation in order to search for a job opening or to complete any part of the application or hiring process, please send an email to firstname.lastname@example.org. Reasonable accommodations will be determined on a case-by-case basis.