IT - Information Technology
Estimated Travel Percentage (%): No Travel
Relocation Provided: No
AIG Employee Services, Inc.
Title: Information Security, Senior Cyber Risk Defense Analyst
AIG is seeking a highly skilled cyber-defense expert to join
AIG’s Global Cyber-risk Defense Center (gCDC). The Senior Cyber
Risk Defense Analyst will execute a range of threat discovery and
incident response duties within the gCDC. The successful candidate
will work as part of a team that conducts investigations into
potential and actual cyber-attacks affecting AIG’s global business
units, lines of business, or information technology infrastructure.
The gCDC encompasses several teams across disciplines including
alert validation and tuning, incident response, and cyber threat
intelligence. This position will report to a gCDC Cyber Risk
Defense Team Lead and will provide guidance/direction to Junior
• Investigate potential cyber-attacks and intrusion attempts,
and lead containment, eradication, recovery, and lessons learned
analysis of actual incidents.
• Gather forensic evidence for analysis, investigation,
disciplinary action or criminal investigation.
• Leverage aggregated cyber threat intelligence, log, network
flow, and anomaly data for analysis, research and the
identification of potential compromise within AIG’s infrastructure
• Perform root cause analysis to identify gaps and provide
technical and procedural recommendations that will reduce AIG’s
exposure to cyber-risks.
• Prioritize incoming requests to minimize risk exposure and
ensure the timely completion of critical tasks and the escalation
of time-sensitive issues.
• Investigate escalations from the Alert Validation team. Accept
or refute escalations, performing incident response to accepted
events, or providing constructive feedback for refuted events.
• Provide ongoing mentorship to junior Cyber Analysts and liaise
with members of other gCDC functions to assess and mitigate the
risks posed to AIG by identified threats.
• Provide expert input on Incident Response process definition
and support the development and maintenance of documented play-book
procedures, knowledge articles, and training material.
• Create detailed incident and analysis reports, and provide
concise summaries for management.
• Communicate effectively with other stakeholders of our
incident response efforts, including representatives of the
business units, technology specialists, vendors, and others.
• Contribute to our efforts to drive continuous improvement by
recommending and collecting various key metrics for reporting to
senior management on Incident Response.
• Participate with other experts throughout the company to plan,
test, and improve incident response capabilities.
Minimum Requirements (Knowledge, Skills, and Abilities):
• A deep understanding of cyber security operations processes,
procedures, guidelines and solutions, including practical
experience of cyber kill chain principles
• In-depth understanding of Windows, UNIX, and Linux operating
systems, networking, malware defenses, and perimeter controls.
• Knowledge of TCP/IP networking and core Internet protocols
such as UDP, ICMP, DNS, FTP, SMTP, HTTP, SNMP, etc.
• Proven ability to innovate, develop, implement, and
effectively document complex technical systems and approaches.
• Ability to contribute to the development of custom IDS
signatures or SIEM use cases.
• Knowledge of adversary tactics, techniques, and procedures,
along with analysis of advanced intrusions across a complex global
network; and basic cyber-security forensics procedures.
• Strong oral and written communications skills (e.g., technical
writing, user guide development, requirements analysis) and ability
to interact effectively with technical and non-technical audiences,
as well as present in front of small and large groups.
• Understanding of how to read and interpret malware analysis
• Self-starter with a sense of urgency who takes ownership and
responsibility for service delivery
• Works independently with minimal guidance to drive projects to
completion, while also working collaboratively with the team to
achieve strategic goals
• Professional, clear, and concise communication to both
technical and non-technical audiences
• Strong deductive reasoning, critical thinking, problem
solving, prioritization, and consultative skills
• Proven organizational skills (time management and
prioritization) and a rigorous process for all
follow-up and coordination activities
• Position requires access to highly sensitive confidential
material. Integrity and discretion are mandatory.
• Comfortable working in a dynamic environment, balancing
multiple incidents, special projects, and other activities.
• Ability to deal diplomatically and effectively at all levels
of the business including both technical and non-technical staff,
management and senior leadership.
• Willingness to support and develop junior team members while
also delivering on candidate’s own responsibilities.
Candidates should have experience with security monitoring,
event and anomaly analysis and intrusion detection/prevention
Formal Education & Certification:
** NOTE: An equivalent combination of experience, education
and/or training may be substituted for the below listed
• Bachelor of Science in Computer Science, Information Systems,
Software Engineering, or relevant military or law enforcement
• Candidates for this role have found success through the
pursuit of the following certifications:
o GIAC Certified Intrusion Analyst (GCIA)
o GIAC Certified Incident Handler (GCIH)
o EC-Council Certified Ethical Hacker (CEH)
o EC-Council Certified Incident Handler (CIH)
The analyst will perform work as part of a 24x7 global team,
occasionally requiring weekend and off-hours work.
It has been and will continue to be the policy of American
International Group, Inc., its subsidiaries and affiliates to be an
Equal Opportunity Employer. We provide equal opportunity to all
qualified individuals regardless of race, color, religion, age,
gender, gender expression, national origin, veteran status,
disability or any other legally protected categories.
At AIG, we believe that diversity and inclusion are critical to
our future and our mission – creating a foundation for a creative
workplace that leads to innovation, growth, and profitability.
Through a wide variety of programs and initiatives, we invest in
each employee, seeking to ensure that our people are not only
respected as individuals, but also truly valued for their unique
About Us
American International Group, Inc. (AIG) is a leading
global insurance organization. Building on 100 years of experience,
today AIG member companies provide a wide range of property
casualty insurance, life insurance, retirement products solutions,
and other financial services to customers in more than 80 countries
and jurisdictions. These diverse offerings include products and
services that help businesses and individuals protect their assets,
manage risks and provide for retirement security. AIG common stock
is listed on the New York Stock Exchange.
Join our Talent Network. Additional information about AIG can
be found at www.aig.com | YouTube | Twitter | LinkedIn.
These references with additional information about AIG have been
provided as a convenience, and the information contained on such
websites is not incorporated by reference into this press
AIG is the marketing name for the worldwide property-casualty,
life and retirement, and general insurance operations of American
International Group, Inc. For additional information, please visit
our website at www.aig.com. All products and services are written
or provided by subsidiaries or affiliates of American International
Group, Inc. Products or services may not be available in all
countries and jurisdictions, and coverage is subject to
underwriting requirements and actual policy language. Non-insurance
products and services may be provided by independent third parties.
Certain property-casualty coverages may be provided by a surplus
lines insurer. Surplus lines insurers do not generally participate
in state guaranty funds, and insureds are therefore not protected
by such funds.