• Senior IT Security Architect

    AIG (Reston, VA)


    At AIG, we are reimagining the way we help customers to manage risk. Join us as a Senior IT Security Architect to play your part in that transformation. It’s an opportunity to grow your skills and experience as a valued member of the team.

    Make Your Mark

    At AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Technology (IT) team equips our colleagues with the latest tools to complete their work efficiently, with the highest standards of excellence. The team is responsible for shielding the company’s systems from security risks, while designing technology strategies that enable AIG’s businesses to achieve their goals. Innovation in IT drives innovation across the organization.

    How you will create an impact

    The Security Architecture team provides many security capabilities as services to the global AIG enterprise. We are looking for a hands-on information technology security expert to join our architecture team in Information Security Office. The person will work with cross-functionals AIG global information security teams, AIG business and applications teams, data, network, and cloud services to secure AIG’s global applications landscape.

     

    + Work with IT and business stakeholders for security architecture and security controls assessment. Act as a design authority on cloud application security during the “Permission to Build” and “Permission to Operate” process. Ensure all security standards are followed, and any violations are remediated. Act as an evangelist to drive security blueprint adoption.

    + Provide support and guidance in designing complex business and operations security solutions. Use cloud Service APIs (e.g., AWS APIs), SaaS solutions (e.g., SIEM, XDR, Threat detection and Cloud native security services) to detect security blueprint violations (e.g., an unauthorized public exposure of AWS S3 bucket). Work with global cloud team and Business CIO team to remediate security violations for application architecture.

    + Participate in defining architecture and process standards for the cybersecurity controls, implementation and operations.

    + Contribute to evaluation, selection and configuration of cybersecurity products and services from vendors. Based on AIG’s cloud security strategy, identify cloud native solutions for security monitoring. Lead POCs for cloud security solutions.

    + Work closely with AIG’s global incident response team to define use cases for cloud infrastructure, for example, what to do when a high-risk security violation is detected? Define cloud incident response procedure, severities and SLAs.

    + Develop security requirements for the business use-cases and that meet AIG global security standards

    + Work with infrastructure operations, application developers, administrators, consultants and vendors to build, configure, test and implement secured solutions that meet the business needs and are aligned and consistent with IT security strategies.

    + Develop and implement principles of secure design within the architecture framework of the company – across IT, functions and across business lines

    + Establish reference cybersecurity architectures that can be leveraged for scale and decentralized deployments to deliver the Cybersecurity controls and plan for Private and Public Cloud to support strategic business plan

    + Provide architecture guidance across cybersecurity functional areas, which include Network, Endpoints, Data Protection, Logging, Systems/Applications/APIs, Cloud, B2B, B2C, Identity & Access Management, Operational Threats, IoT and SaaS interconnect to name a few

    What you need to succeed

    + 8+ years of IT Security Architecture related work experience, preferably at a large, global organization. 3+ years of engineering and hands-on design and architecture of effective security controls and measurement in network and applications domains for large financial enterprise.

    + Hands-on with development of applications security architecture for migration of IT workload to Cloud services.

    + Expert knowledge and implementation experience of cloud security domains of IAM, SaaS, IaaS, PaaS, Applications and Data Security.

    + Strong knowledge of DevSecOps, security policies and incident response.

    + Proven expertise in building a defense in depth infrastructure security architecture that includes security controls across multiple technology stacks.

    + Strong understanding of how cloud data breach can occur. Understand how adversary might compromise various cloud services and how to prevent, detect and respond.

    + Cloud Services (AWS/Azure/GCP) experience in migration of applications to the cloud, automation through various tools both AWS native and third-party.

    + Implement Configuration Management and Infrastructure as Code (e.g. Chef, CloudFormation, Terraform, Puppet).

    + Experience in DevOps environments and automating security controls into the CI/CD process.

    + Ability to work across all layers of an application and technology infrastructures.

    + Ability to work with development teams to deliver high-quality security architectures.

    + Trusted Advisor – the person needs to possess the personality and behaviors (diplomatic, tenacious and tactful) to rapidly establish themselves as trusted advisors to the business and as interpreters for the development of IT security solutions.

    + Practical Futurist – need to have shown that they can be ready for ‘unpredictable’ risks and opportunities, developing architectures that are resilient enough to keep up with the evolution of the enterprise and cyber threat landscape.

    + Commercial acumen – needs to be familiar with ‘Do more for less’, be able to identify and work with stakeholders to collect, aggregate and evaluate requirements in light of current and future technology resources and budgets.

    + Bachelor’s degree in information technology, computer science or equivalent work experience. Master's degree preferred.

    + Excellent verbal and written communication skills.

    + Must be a strong team player.

     

    This position is eligible for a bonus in accordance with the terms of the applicable incentive plan. In addition, we're proud to offer a range of competitive benefits, a summary of which can be viewed here: 2025 Benefits Summary

     

    Ready to accelerate your career? We would love to hear from you!

     

    Veterans are encouraged to apply!

    #LI-NK1

    #AIGcareers #technology #Security #Architect

     

    At AIG, we value in-person collaboration as a vital part of our culture, which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive, connected environment for our team and clients alike.

     

    Enjoy benefits that take care of what matters

     

    At AIG, our people are our greatest asset. We know how important it is to protect and invest in what’s most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security—as well as your professional development—to bring peace of mind to you and your family.

     

    Reimagining insurance to make a bigger difference to the world

     

    American International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world’s most far-reaching property casualty networks. It is an exciting time to join us — across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them to manage risk, respond to times of uncertainty and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become.

     

    Welcome to a culture of inclusion

     

    We’re committed to creating a culture that truly respects and celebrates each other’s talents, backgrounds, cultures, opinions and goals. We foster a culture of inclusion and belonging through learning, cultural awareness activities and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone for our culture of inclusion. The talent of our people is one of AIG’s greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.

     

    AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.

     

    AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities. If you believe you need a reasonable accommodation, please send an email to [email protected].

    Functional Area:

    IT - Information Technology

     

    AIG Employee Services, Inc.