Information Security Officer (PCK333-199816) Stamford, Connecticut

The primary purpose of this senior level position is to design, develop, implement, maintain and support a global Information Security, Risk and Compliance Program for the Asset Management Group (AMG). The individual will work closely with the senior AMG O&S Leadership Team, Corporate IT Security, Risk and Compliance Management Team, and business leaders supported by AMG O&S.

Primary responsibilities include ensuring the business unit information assets are adequately protected, establishing appropriate business unit standards and controls in accordance with AIG corporate policies and standards, identifying and reducing information technology risks, performing a periodic risk control self-assessment of the control environment, implementing and maintaining an identity and access management program, and business continuity management.

The job requires the ability to build and maintain strong partnerships with senior management, to influence personnel through a matrix organization, develop and lead teams toward stated objectives, and to prioritize and manage multiple activities.

nformation Security
‒ Designs and maintains business unit information security vision
‒ Provides technical content for information security baselines and supporting procedures
‒ Researches security and compliance technologies and practices
‒ Participates in the Business Information Security Officer (BISO) council
Risk and Compliance
‒ Oversees risk control self-assessment exercise
‒ Performs compliance validation and reporting
‒ Tracks remediation efforts for gaps and risk reduction activities
‒ Coordinates AMG IT risk & compliance materials
‒ Liaises with the Corporate IT Risk and IT Compliance functions
Identity and Access Management
‒ Establishes process and procedures for logical access controls
‒ Oversees access recertification activities
‒ Reviews and approves privilege access requests
Policy and Awareness
‒ Provides oversight for mandatory practices and IT Security standards and procedures
‒ Publishes and communicates business unit standards
Program Management
‒ Provides oversight for information security and compliance-related program execution
‒ Generates metrics and reports
‒ Liaises with the Corporate O&S PMO

‒ Strong background and knowledge of risk and controls
‒ Strong understanding of information security regulatory requirements
‒ Strong written and oral communication skills
‒ Excellent problem-solving skills
‒ Personal organization and planning skills
‒ Strong leadership and management skills – preferably within a global firm environment
‒ Demonstrated ability to work as part of a team
‒ Solid work ethic, self-driven with the ability to work with minimal oversight
‒ Candidate must be willing to work in Wilton, CT and travel to Manhattan
‒ Must have proven, hands-on experience developing and supporting large scale systems

To apply, please click here