Senior IT Security Architect

About The Position

Requirements

• 8+ years of IT Security Architecture related work experience, preferably at a large, global organization.
• 3+ years of engineering and hands-on design and architecture of effective security controls and measurement in network and applications domains for large financial enterprise.
• Hands-on with development of applications security architecture for migration of IT workload to Cloud services.
• Expert knowledge and implementation experience of cloud security domains of IAM, SaaS, IaaS, PaaS, Applications and Data Security.
• Strong knowledge of DevSecOps, security policies and incident response.
• Proven expertise in building a defense in depth infrastructure security architecture.
• Strong understanding of how cloud data breaches can occur.
• Experience with Cloud Services (AWS/Azure/GCP) in migration of applications to the cloud.
• Implement Configuration Management and Infrastructure as Code (e.g. Chef, CloudFormation, Terraform, Puppet).
• Experience in DevOps environments and automating security controls into the CI/CD process.
• Ability to work across all layers of an application and technology infrastructures.
• Ability to work with development teams to deliver high-quality security architectures.
• Excellent verbal and written communication skills.
• Bachelor’s degree in information technology, computer science or equivalent work experience. Master's degree preferred.

Nice To Haves

• Trusted Advisor personality and behaviors (diplomatic, tenacious and tactful).
• Practical Futurist mindset for unpredictable risks and opportunities.
• Commercial acumen to identify and work with stakeholders to evaluate requirements.

Responsibilities

• Provide security capabilities as services to the global AIG enterprise.
• Work with cross-functional AIG global information security teams, business and applications teams, data, network, and cloud services to secure AIG’s global applications landscape.
• Act as a design authority on cloud application security during the 'Permission to Build' and 'Permission to Operate' process.
• Ensure all security standards are followed, and any violations are remediated.
• Act as an evangelist to drive security blueprint adoption.
• Provide support and guidance in designing complex business and operations security solutions.
• Use cloud Service APIs (e.g., AWS APIs), SaaS solutions (e.g., SIEM, XDR, Threat detection and Cloud native security services) to detect security blueprint violations.
• Work with global cloud team and Business CIO team to remediate security violations for application architecture.
• Participate in defining architecture and process standards for the cybersecurity controls, implementation and operations.
• Contribute to evaluation, selection and configuration of cybersecurity products and services from vendors.
• Identify cloud native solutions for security monitoring based on AIG’s cloud security strategy.
• Lead POCs for cloud security solutions.
• Work closely with AIG’s global incident response team to define use cases for cloud infrastructure.
• Define cloud incident response procedure, severities and SLAs.
• Develop security requirements for business use-cases that meet AIG global security standards.
• Work with infrastructure operations, application developers, administrators, consultants and vendors to build, configure, test and implement secured solutions.
• Develop and implement principles of secure design within the architecture framework of the company.
• Establish reference cybersecurity architectures for scale and decentralized deployments.
• Provide architecture guidance across cybersecurity functional areas.

Benefits

• Competitive benefits package focused on health, wellbeing, and financial security.
• Bonus eligibility in accordance with the terms of the applicable incentive plan.
• Volunteer Time Off and Matching Grants Programs.