At AIG, we are reimagining the way we help customers to manage risk. Join us as a Principal Engineer, PKI to play your part in that transformation. It’s an opportunity to grow your skills and experience as a valued member of the team.

Make your mark in Information Technology

At AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Technology team equips our colleagues with the latest tools to complete their work efficiently and with the highest standards of excellence. The team is responsible for shielding the company’s systems from security risks, while designing technology strategies that enable AIG’s businesses to achieve their goals. AIG’s Information Technology functions include enterprise architecture, software and systems engineering, cybersecurity, and technology risk and compliance.

How you will create an impact

The Principal Engineer plays a crucial role in managing and monitoring all aspects of public key infrastructure (PKI) services. You will provide strategic direction and leadership for AIG’s PKI and Certificate management program providing subject matter expertise and in-depth knowledge of PKI products, technologies, and best practices. You will partner closely with Identity & Access Management (IAM) architects and application owners to implement PKI solutions that are aligned with enterprise IT strategies.

Responsibilities

• Lead the infrastructure protection strategy to create, evolve, and secure our internal Public Key Infrastructure (PKI) and credential management security strategy

• Create design components, develop code, and test changes using test-driven development methodologies

• SME and technical lead for Internal Certificate Authority and PKI implementation

• Provide subject matter expertise in resolving complex problems related to infrastructure and PKI

• Manage, secure, engineer and provide governance for key and certificate management services, including supporting robust, enterprise-grade Public Key Infrastructure (PKI), certificate lifecycle management (CLCM), infrastructure automation and credential management (CMS) systems.

• Manage hardware security modules (HSMs) and Key Management

• Implement and maintain an automated certificate renewal program; capture use-cases for certificate revocation, enrollment & renewal processes

• Monitor creation of encryption keys to ensure they are protected against modification, and private keys are protected against unauthorized disclosure

• Contribute to the design of new Entra ID infrastructure from PKI perspective

• Define Trust Strategies and understand security and governance requirements for Certification Authorities

What you'll need to succeed

• BA/BS in Cybersecurity, Information Technology, or related field; advanced degree preferred, Computer Science, Computer Engineering or Related Field.

• 12+ years of IT experience, 8+ years' experience designing, deploying, and supporting PKI environments in a Windows domain. Experience deploying internal certificate authorities, issuing external certificates from external certificate authorities and installing certificates on systems, and building out and maintaining certificate authority databases, as well as designing, deploying, and supporting the use of smart cards for system authentication

• Sound knowledge and experience in Enterprise Architecture, Strategy, and IT Security

• Strong understanding of IAM domain including Access Management, Authentication, and Key Management implementations

• Knowledge in Keyfactor and Entrust products is preferred

• Strong experience with PKI automation and Certificate lifecycle management

• Ability to lead projects through full lifecycle, including requirements gathering, architecture and design, scoping, implementation, and operationalization

• Demonstrated experience implementing PKI for large firms

• Relevant certifications (PKI, CISSP, KMS) is a plus

• In-depth knowledge of PKI principles with subject matter expertise in developing best practices around standardized management of access controls

• Understanding of IAM relevant technical security skills, such as Identity Governance, Single Sign-On and authentication, Multi-Factor Authentication, Microsoft and AD tools for Access Management and controls, Privileged access management, and AWS security

• Advanced understanding of the broader impact of Information Security from a business perspective

• Excellent analytical skills with high attention to detail and accuracy

• Strong problem-solving skills, with the ability to identify root causes and develop solutions

• Excellent leadership, communication, and collaboration skills

• Ability to articulate complex technical concepts, both verbal and written to non-technical stakeholders

• Strong interpersonal skills, with the ability to work with many levels of management and across multiple lines of business and corporate functions

• Experience managing global teams that include employees and vendors

• Experience managing vendors driving SLAs

• Skilled in handling stressful situations with perseverance and professionalism

• Ability to guide teams through complex issues and drive resolution for issues

• Ability to build project plans, translate directives, and present project deliverables to upper management

• Ability to think strategically, balancing long and short-term priorities

• A high degree of adaptability/flexibility

• Willingness to challenge business operating models when necessary

Ready to step up to new challenges? We would love to hear from you.

For positions based in Jersey City, NJ, the base salary range is $126,000-$171,000. For positions based in Colorado, the base salary range is $146,000-$160,000. In addition, the position is eligible for a bonus in accordance with the terms of the applicable incentive plan. In addition, we’re proud to offer a range of competitive benefits, a summary of which can be viewed here: NewHireBenefitsOverview202.pdf (sprinklr.com) (https://sprcdn-assets.sprinklr.com/248/0a780968-b61c-4521-b06e-ffe3eb552e83-228292781/New_Hire_Benefits_Overview_202.pdf)

#LI-CN1

Enjoy benefits that take care of what matters

At AIG, our people are our greatest asset. We know how important it is to protect and invest in what’s most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security—as well as your professional development—to bring peace of mind to you and your family.

Reimagining insurance to make a bigger difference to the world

American International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world’s most far-reaching property casualty networks. It is an exciting time to join us — across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them to manage risk, respond to times of uncertainty and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become.

Welcome to a culture of belonging

We’re committed to creating a culture that truly respects and celebrates each other’s talents, backgrounds, cultures, opinions and goals. We foster a culture of inclusion and belonging through our flexible work arrangements, diversity and inclusion learning, cultural awareness activities and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone for our culture of inclusion. The diversity of our people is one of AIG’s greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.

AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.

AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities. If you believe you need a reasonable accommodation, please send an email to candidatecare@aig.com .

Functional Area:

IT - Information Technology

Estimated Travel Percentage (%): No Travel

Relocation Provided: No

AIG Employee Services, Inc.