Manager, IT Security, Risk & Compliance recruitment

Manages and facilitates the execution of activities required for the development, communication and management of policies, controls and practices supporting IT compliance and information security objectives within Global Finance OS. In addition, ensures the effectiveness of IT compliance and security activities; where required will assist in developing and executing mitigation plans for control deficiencies.

Primary Responsibilities:
IT Risk and Compliance:
* Manage the roll-out of the IT self assessment program to help determine the adequacy and effectiveness of IT controls, security policies, and assist in remediation activities and actions to ensure that compliance and security gaps are successfully addressed.
* Project management of action plans and documentation of testing to remediate audit issues and self identified control gaps.
* Conduct annual risk assessments and manage testing of IT controls for SOX compliance and Fed oversight.
* Identify and recommend process control changes to enable testing efficiencies and rationalization of manual controls that can be automated or enhanced; with the objective of building less complex and effective control structures.

IT Security:
* Define, identify and classify critical information assets, assess threats and vulnerabilities regarding those assets and document safeguard recommendations. Develop and manage the information classification process.
* Review new facilities, applications and/or technology environments during the development or acquisitions process to ensure compliance with corporate/business security policies and directions. Perform security assessments of external vendors and service providers.
* Identify and prioritize security risks and recommend mitigating controls.
* Oversee execution of operational security tasks including: Monthly vulnerability assessments and repairs, anti-virus/malware support efforts, data loss prevention efforts, server and workstation security configuration compliance, and security incident reporting.

* Interpersonal Skills: Excellent inter-personal skills, able to work independently and a key contributor in a team environment.
* Analytical Skills: Excellent analytical and problem-solving abilities and process oriented.
* Project Management Skills: Understanding of project management methodologies and tools, including prior experience managing diverse, cross-functional, cross-departmental projects and technologies
* Communication Skills: Excellent written and oral communication skills.
* Well-rounded understanding of technology, operations, security, and key business processes

Previous Experience:
* 5+ years of relevant technology experience across multiple domains (applications, data, infrastructure, etc.)
* 5+ years experience managing IT Risk and/or Compliance programs for complex, global organizations
* 2+ years experience in Corporate Finance Functions (Treasury, Tax, Accounting, etc.)
* 2+ years experience in the insurance or financial services industry
* Maintains designation with at least two certifications within IT Risk, Compliance, or Information Security disciplines.

American International Group, Inc. (AIG), a world leader in insurance and financial services, is the leading international insurance organization with operations in more than 130 countries and jurisdictions. AIG companies serve commercial, institutional and individual customers through the most extensive worldwide property-casualty and life insurance networks of any insurer. In addition, AIG companies are leading providers of retirement services, financial services and asset management around the world. AIG's common stock is listed on the New York Stock Exchange, as well as the stock exchanges in Ireland and Tokyo. AIG is an Equal Opportunity Employer.