Director / Principal Security Architect - Data Security

Reston VA
February 22 2018
Insurance, Securities

Functional Area:

IT - Information Technology

Estimated Travel Percentage (%): Up to 25%

Relocation Provided: No

American International Group, Inc.

The Principal Security Architect - Data Security will be responsible for:

  • Data Security Strategy: Develop AIG global Data security strategy, identify gaps between current state and target state architecture, and build execution roadmap. Align Data security project execution to the strategy. Develop Data security investment plan. Serve as the accountable leader from information security and work with the rest of AIG stakeholders on managing Data security investment projects.
  • Data Security Architecture: Develop Data security capabilities that include digital rights management (e.g., Microsoft Azure Information Protection), Data Loss Prevention, Email security, data access, secure storage, Data at rest encryption, Data in transit encryption, and data de-identification. Build a cohesive architecture to realize capabilities. Drive the architecture for all Data security project execution. Provide rationalization for Data security toolset. Serve as the Data security design authority.
  • Data Security Product Management and Technology Evaluation: Serve as a Data security technologist to lead Data security technology evaluation and POCs. Survey and evaluate leading edge technologies that align with target state architecture. Develop product management roadmap.

In this capacity, the person will work closely with AIG's global Data stakeholders, Effectiveness Assessment team and security monitoring team to deploy the right capabilities and evaluate the capability effectiveness (e.g., is the DLP solution generating too many false positives? Is the DRM solution configured correctly?). The person will use the capability effectiveness assessment to revise Data security strategy, architecture, technology evaluation and drive future Data security investment.

The Principal Security Architect - Data Security main job responsibilities:

  • Act as security design authority for all projects within Data security portfolio. Engage from ideation through the system development lifecycle in project execution.
  • Develop AIG Data security strategy, architecture and execution roadmap (short term and long term)
  • Perform Data security capability “effectiveness” assessment, identify capability gaps and propose enterprise solutions (could be new solution or re-architecting or re-configuring existing solutions)
  • Function as a principal Data security technologist to perform technology evaluation, define use cases, architect POC environment, lead POC execution and conduct trade-off analysis
  • Drive Data security solution design in eight areas of the security architecture framework (credential management, access provisioning, authentication and authorization, data security, application security, infrastructure security, security monitoring and operations security)
  • Deliver security architecture diagram and security architecture specification per security architecture engagement.
  • Review enterprise critical project security architecture and assist Data security solution integration for enterprise projects as needed.
  • Develop / Harvest security architecture patterns from architecture engagements and build enterprise security architecture pattern repository.
  • Communicate security strategy and drive the standardization and consistent definition and application of security principles to all stakeholders.

Position Requirements:

  • 10 years' experience in an information technology role with increasing responsibility in information security architecture focusing on Data security.
  • Expert solution knowledge and implementation experience in deploying digital rights management solution (e.g., Microsoft Azure Information Protection) into global enterprise platforms (e.g., endpoints, servers, mobile, and BYODs).
  • Expert solution knowledge and implementation experience in Data Loss Prevention (DLP) solutions. Experience in the operational perspective of a DLP platform - knowing how to configure the solution effectively (lowering false positives) to support the security operation center in detecting data exfiltration scenarios.
  • Experience in security operation center execution. Understand kill chain and how to apply it in incident responses in the data exfiltration phase. Experience in conducting incident responses.
  • Familiar with how cyberattacks are carried out technically and can build architecture constructs to prevent them and enable incident response. Understands that architecting a good solution and architecting the right solution may not be the same thing - there are times when adding an application or functionality is not in the best interests of the organization.
  • Ability to research, analyze and resolve complex problems with minimal supervision and escalate issues as appropriate
  • Excellent written, verbal communication and presentation skills
  • Must be a strong team player
  • Trusted Advisor - the person needs to possess the personality and behaviors (diplomatic, tenacious and tactful) to rapidly establish themselves as trusted advisors to the business and as interpreters for the development of IT security solutions.
  • Practical Futurist - need to have shown that they can be ready for ‘unpredictable’ risks and opportunities, developing architectures that are resilient enough to keep up with the evolution of the enterprise and cyber threat landscape.
  • Commercial acumen - needs to be familiar with ‘Do more for less’, be able to identify and work with stakeholders to collect, aggregate and evaluate requirements in light of current and future technology resources and budgets.
  • Bachelor's degree in information technology or computer science strongly preferred. Master's degree preferred.

CISSP, OSCP (Offensive Security Certified Professional), AWS Solution Architect certification preferred

It has been and will continue to be the policy of American International Group, Inc., its subsidiaries and affiliates to be an Equal Opportunity Employer. We provide equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.

At AIG, we believe that diversity and inclusion are critical to our future and our mission - creating a foundation for a creative workplace that leads to innovation, growth, and profitability. Through a wide variety of programs and initiatives, we invest in each employee, seeking to ensure that our people are not only respected as individuals, but also truly valued for their unique perspectives