Director / Principal Security Architect - Monitoring and Response
IT - Information Technology
Estimated Travel Percentage (%): Up to 25%
Relocation Provided: No
American International Group, Inc.
The IT Security Architecture and Strategy team provides Security Architecture as a Service to the global AIG enterprise. Security architecture service uses a systematic security architecture framework to build and design security solutions into all major global business initiatives, applications, products, infrastructure and security toolsets.
The Principal Security Architect - Security Monitoring & Response (M&R) will be responsible for:
- Security Monitoring and Response Strategy: Develop the AIG global security monitoring and response strategy, define the current-state and target-state architecture, and build an execution roadmap. Align all M&R project execution to the strategy.
- Security Monitoring and Response Architecture: Develop Monitoring and Response capabilities that include threat intel, endpoint monitoring, network monitoring, cloud monitoring, insider threat monitoring, etc. Build a cohesive architecture to realize these capabilities. Drive the architecture for all M&R project execution. Provide rationalization of the M&R toolset. Serve as the M&R design authority.
- Monitoring and Response Technology Evaluation: Lead M&R technology evaluation and POCs. Survey and evaluate leading-edge technologies that align with the target state architecture.
In this capacity, the person will work closely with AIG's global Cyber Defense Center, Effectiveness Assessment team and Technology Service team to deploy the right capabilities and evaluate the capability effectiveness (e.g., is the endpoint response tool generating the right alerts?). The person will use the capability effectiveness assessment to revise M&R strategy, architecture and technology evaluation, and to drive future M&R investment.
Main job responsibilities of the Principal Security Architect - Monitoring and Response:
- Act as security design authority for all projects within the M&R portfolio. Engage from ideation through the system development lifecycle in all M&R project execution.
- Develop AIG Monitoring and Response Strategy, Architecture and execution roadmap
- Perform M&R capability “effectiveness” assessment, identify capability gaps and propose enterprise solutions (could be new solution or re-architecting / tuning existing solutions)
- Function as a principal M&R technologist to perform technology evaluation, define use cases, architect POC environment, lead POC execution and conduct trade-off analysis
- Drive M&R security solution design in eight areas of the security architecture framework (credential management, access provisioning, authentication and authorization, data security, application security, infrastructure security, security monitoring and operations security)
- Deliver security architecture diagram and security architecture specification per security architecture engagement.
- Review enterprise critical project security architecture and assist M&R solution integration for enterprise projects as needed.
- Develop / Harvest security architecture patterns from architecture engagements and build enterprise security architecture pattern repository.
- Communicate security strategy and drive the standardization and consistent definition and application of security principles to all stakeholders.
- 10 years' experience in an information technology role with increasing responsibility in information security architecture focusing on security monitoring and incident response.
- Expert security architecture and solution knowledge in endpoint detection, network security monitoring, fraud detection, email monitoring, threat intel platforms, digital forensics, security analytics, and enterprise SIEM. Example solutions include Carbon Black, Darktrace, Anomali, EnCase, Verodin, ThreatMetrix, Nuance, GIACT, Palo Alto, Splunk, and FireEye.
- Experience in leveraging cloud technology for security monitoring and response, for example Cybereason, CrowdStrike, Anomali and Zscaler.
- Experience in security operations center execution. Understand the kill chain and how to apply it in incident response. Experience in conducting incident response.
- Familiar with how cyberattacks are carried out technically and can build architecture constructs to prevent them and enable incident response. Understands that architecting a good solution and architecting the right solution may not be the same thing - there are times when adding an application or functionality is not in the best interests of the organization.
- Ability to research, analyze and resolve complex problems with minimal supervision and escalate issues as appropriate
- Excellent written, verbal communication and presentation skills
- Must be a strong team player
- Trusted Advisor - the person needs to possess the personality and behaviors (diplomatic, tenacious and tactful) to rapidly establish themselves as trusted advisors to the business and as interpreters for the development of IT security solutions.
- Practical Futurist - needs to have shown that they can be ready for 'unpredictable' risks and opportunities, developing architectures that are resilient enough to keep up with the evolution of the enterprise and cyber threat landscape.
- Commercial acumen - needs to be familiar with 'Do more for less', be able to identify and work with stakeholders to collect, aggregate and evaluate requirements in light of current and future technology resources and budgets.
- Bachelor's degree in information technology or computer science strongly preferred. Master's degree preferred.
CISSP, OSCP (Offensive Security Certified Professional), AWS Solution Architect certification preferred
It has been and will continue to be the policy of American International Group, Inc., its subsidiaries and affiliates to be an Equal Opportunity Employer. We provide equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.
At AIG, we believe that diversity and inclusion are critical to our future and our mission - creating a foundation for a creative workplace that leads to innovation, growth, and profitability. Through a wide variety of programs and initiatives, we invest in each employee, seeking to ensure that our people are not only respected as individuals, but also truly valued for their unique perspectives