Vice President, Security Remediation (Risk & Offensive TTPs)

Who we are

American International Group, Inc. (AIG) is a leading global insurance organization. Building on 100 years of experience, today AIG member companies provide a wide range of property casualty insurance, life insurance, retirement solutions, and other financial services to customers in more than 80 countries and jurisdictions. These diverse offerings include products and services that help businesses and individuals protect their assets, manage risks and provide for retirement security.

Information Technology

At AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Technology team equips our employees with the latest tools to complete their work efficiently and with the highest standards of excellence. The team is responsible for shielding the company’s systems from security risks, while designing technology strategies that enable AIG’s businesses to achieve their goals. AIG’s Information Technology functions include application development and management, enterprise architecture, and technology risk and compliance.

About the role

The Security Remediation Team’s mission is to reduce enterprise risk by identifying, analyzing, reporting and governing remediation / mitigation of IT security vulnerabilities across AIG’s portfolio of IT assets and IT-enabled processes.

How you will create an impact

This position, within AIG’s Security Remediation Team - Threat Assessment which perform threat assessments and real world attacks to test an organization's defenses, resilience, and response against our people, processes and technologies.

Responsibilities will include :

Identify vulnerabilities, exploit weaknesses, and challenge assumptions within security protocols, enabling the organization to understand potential threats from an attacker's perspective

Replace and extend current manual processes through automation or other appropriate techniques

Develop and implement additional risk and performance metrics

Design and supervise implementation of data quality controls and workflows

Improve vulnerability discovery and risk-based prioritization models

Collaborate on event management and treatment of emergent vulnerabilities

Engage with peers in IT architecture and operations, security architecture, red team, effectiveness testing team, hunt team, CTI team, SOC, and other teams to identify and pursue additional opportunities for improvement

Collaborate with data integration / analytics team to integrate additional findings and finding types into the vulnerability data model

What you’ll need to succeed

10+ years of IT systems engineering or IT security engineering experience

Bachelor's degree in computer science or cyber security is preferred.

Proven experience in secure design and operations of IT systems

Cloud (Azure, AWS, GCP) security testing experience preferred both offensive and defensive

Web API / web service dev / ops or API security experience

Strong communicator, both verbal and written

Commitment to advancing skills in the IT risk / security field

Demonstrated success leveraging scripting and automation skills to improve IT processes and workflows

Excellent problem-solving abilities and analytical mindset

Demonstrated understanding of computer engineering fundamentals including familiarity with common offensive and defensive tactics

Proven success in challenging operational environments including dealing with change, ambiguity and competing priorities

Risk management experience a plus

Web development or reversing or exploitation experience preferred

Familiarity with IP stack and related protocols a must

Familiarity with web services, servers and related protocols a must

Experience in one or more of Linux, Windows, Active Directory, Azure Directory, O365

Familiarity with one or more of BurpSuite, PostFix, Mulesoft or other API proxies, is a plus

Familiarity with data integration systems and concepts is a plus

Incident handling / response, malware analysis, adversarial emulation, and offensive skills are a plus

OSCP, OSWE or OSCE certifications or equivalent demonstrated skills are a strong plus

Ready to take your career to the next level? We would love to hear from you.

The base salary range for this position in Jersey City, NJ, is $130,000-163,000. In addition, the position is eligible for a bonus in accordance with the terms of the applicable incentive plan. We’re proud to offer a range of competitive benefits, a summary of which can be viewed here : US Benefits Overview ()

Veterans encouraged to apply

LI- NK1

At AIG, we value in-person collaboration as a vital part of our culture, which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive, connected environment for our team and clients alike.

Enjoy benefits that take care of what matters

At AIG, our people are our greatest asset. We know how important it is to protect and invest in what’s most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security—as well as your professional development—to bring peace of mind to you and your family.

Reimagining insurance to make a bigger difference to the world

American International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world’s most far-reaching property casualty networks. It is an exciting time to join us — across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them to manage risk, respond to times of uncertainty and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become.

Welcome to a culture of inclusion

We’re committed to creating a culture that truly respects and celebrates each other’s talents, backgrounds, cultures, opinions and goals. We foster a culture of inclusion and belonging through learning, cultural awareness activities and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone for our culture of inclusion. The talent of our people is one of AIG’s greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.

AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.

AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities. If you believe you need a reasonable accommodation, please send an email to candidatecare@aig.com.

Functional Area :

IT - Information Technology

AIG Employee Services, Inc.