IT Application Portfolio Governance Lead

At AIG, we are reimagining the way we help customers to manage risk. Join us as a IT Application Portfolio Governance Lead to play your part in that transformation. It’s an opportunity to grow your skills and experience as a valued member of the team. Make your mark in Information Technology At AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Technology (IT) team equips our colleagues with the latest tools to complete their work efficiently, with the highest standards of excellence. The team is responsible for shielding the company’s systems from security risks, while designing technology strategies that enable AIG’s businesses to achieve their goals. Innovation in IT drives innovation across the organization. How you will create an impact This candidate will be engaged to manage the governance of a portfolio of applications to implement compliance requirements to meet relevant industry standards, regulations, and internal IT policies. This role will engage with Information Security Office (ISO), Global Infrastructure, Network Security, Global Unstructured Data Security, SharePoint Online, and Enterprise Systems partners to develop and enforce security policies to protect sensitive data. This role is responsible to ensure that the Enterprise System portfolio applications GEAR data is updated, and vulnerabilities are being addressed. This candidate will engage with TRC to identify and assess risks associated with Enterprise Systems processes, applications, and data, collaborating with relevant partners to prioritize risk mitigation efforts. Application Governance: Driving the execution of the development, implementation, and continuous improvement of risk management strategies and frameworks. Identify and assess risks associated with Enterprise Systems application processes, applications, and data, collaborating with relevant partners to prioritize risk mitigation efforts. Work closely with internal audit teams to ensure Enterprise Systems applications related audits are conducted effectively and timely, addressing any findings or deficiencies. Design and implement robust control frameworks for Enterprise Systems applications processes, collaborating with process owners and IT teams to ensure controls are practical and effective. Develop key performance indicators (KPIs) and metrics to monitor control effectiveness and promptly address deviations. Deploy and ensure trainings on controls and standards across lines of defense. SharePoint Online Governance Lead the SharePoint Security areas such as managing and maintaining the security aspects of a SharePoint environment, including access controls, permissions, and data protection. Developing and enforcing security policies to protect sensitive data and ensure compliance with organizational and regulatory requirements. Engage with Information Security Office (ISO), Global Infrastructure, Network Security, Global Unstructured Data Security, SharePoint, and Enterprise Systems partners to develop and enforce security policies to protect sensitive data. Implementing measures to safeguard data within SharePoint Online, including data loss prevention (DLP) strategies, encryption, and backup procedures. Strong understanding of SharePoint Online architecture, features, and functionalities, including site creation, permissions management, and content management. Working with network administrators, system administrators, and other IT professionals to ensure the overall security of the SharePoint Online environment. Provide weekly updates to IT and business management to keep all informed on the status. Key contact between Enterprise Systems technologies teams, Internal Auditors, Regulators and External Auditors. Portfolio Management Maintaining the Enterprise Systems GEAR portfolio data which includes GEAR certification, BIA and DRP creation. Ensure that the application support team is addressing vulnerabilities for the Enterprise Systems portfolio applications. Provide weekly updates to Enterprise Systems IT management regarding the GEAR portfolio and vulnerability status.