Japan Information Security Office (ISO) Security Engineering Lead

About the role

The Japan Security Engineering Lead will drive security engineering efforts related to the AIG Security Stack (Crowdstrike Tanium Qualys Imperva DAM/DAS Microsoft Purview/Defender ProofPoint Trend Micro Varonis SafeBreach Agari DMARC Prisma Wiz). The candidate must have extensive experience securing both enterprise-level on premise and Cloud services including Infrastructure as a Service (IaaS) Platform as a Service (PaaS) and Software as a Service (SaaS) across multiple cloud providers including AWS Google Cloud Platform (GCP) Microsoft Azure (Azure). The candidate must also have subject matter expertise in on premise and Cloud Security Architectures Vulnerability Management and Network Defense to help protect the firms cloud workloads and data deployed into different types of cloud and cloud/hybrid systems. The Japan Security Engineering Lead will serve as a key technical expert for the Information Security Organization and other Information Security teams for all matters related to the AIG Security Stack across the Japan and APAC regions.

Responsibilities

• Lead the deployment management/maintenance and Follow the Sun support of AIG security stack for on premise infrastructure and cloud service offerings from AWS Microsoft Azure or Google Cloud Platform (GCP) to identify threats risks and controls to secure the services.

• Operate as a trusted advisor for on premise and cloud AIG Security Stack mentoring junior team members and developers to understand threats and risk mitigation options for on premise and cloud services.

• Collaborate with other information security teams to help address critical security risks to the business. Ensure that cloud security risk related issues are appropriately monitored and addressed within the IT environment.

• Work with stakeholders to develop maintain and enforce cloud security policies and procedures.

• Collaborate with the security architecture team cloud security engineering team security remediation team and application and infrastructure teams to protect on premise and cloud workloads and data deployed into different types of on premise cloud and cloud/hybrid systems.

• Support the development of security policies standards and procedures for cloud-based applications and infrastructure leveraging cloud security solutions.

Requirements

• Bachelors degree or equivalent experience in Cybersecurity Information Technology or related field such as Computer Science.
• Language proficiency in English at Fluent level. Intermediate level Japanese (email communication and reading Japanese materials conversations at meetings with local counterparts)
• 3 years of experience in a supervisory lead or management role
• 12 years of experience in on premise and cloud security or related roles with hands-on experience in cloud platforms such as AWS Azure or Google Cloud
• 8 years of direct hands-on experience with on premise and Cloud Security Posture management solutions including compute agents DevOps code scanning deployment and posture management policy tuning utilizing IaC automation for efficient and secure cloud operations.
• Deep and broad understanding of cloud/cloud hybrid platforms (IDaaS/IaaS/SaaS/PaaS) and associated security tools and processes.
• Proficiency in implementing robust security measures including agent/agentless workload defenders in cloud-native environments such as Kubernetes (AKS EKS GKS) and Azure Functions.
• Additional certifications such as CISSP CCSP Security foundational/associate/security tracks for Azure AWS GCP are a plus.
• Recent and relevant experience in vulnerability analysis and exploitation techniques.
• Troubleshoot issues within the product when necessary assisting different teams crash dumps performance monitor and release blockers.
• In depth knowledge of Critical Security Controls like NIST CIS Benchmarks DISA STIG standards etc.
• Familiarity with International Security standards and Industry framework like ISO 27001/27002 PCI DSS and SOX.
• In depth knowledge and expertise with Infrastructure hardening and Security settings for Windows and Linux.
• Intermediate to Expert level knowledge on Windows & Active Directory Unix/Linux Operating Systems.
• Good scripting knowledge using PowerShell Python Linux shell is desired.
• Strong knowledge of Cloud computing Virtualization concepts and PaaS/SaaS services.
• Strong knowledge of TCP/IP and HTTP protocols.
• Strong knowledge of Endpoint Security Concepts and Incident Response processes
• Experience with SIEM & tool integrations CrowdStrike NextGen SIEM is preferred
• Strong Security Framework knowledge
• Be an energetic self-starter who is empowered to take ownership and be accountable for deliverables both individually and as part of a growing team.
• Team player able to lead mentor communicate collaborate and work effectively in a globally distributed team.

At AIG we value in-person collaboration as a vital part of our culture which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive connected environment for our team and clients alike.

Enjoy benefits that take care of what matters

At AIG our people are our greatest asset. We know how important it is to protect and invest in whats most important to you. That is why we created our Total Rewards Program a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health wellbeing and financial securityas well as your professional developmentto bring peace of mind to you and your family.

Reimagining insurance to make a bigger difference to the world

American International Group Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the worlds most far-reaching property casualty networks. It is an exciting time to join us across our operations we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG you can go further to support individuals businesses and communities helping them to manage risk respond to times of uncertainty and discover new potential. We invest in our largest asset our people through continuous learning and development in a culture that celebrates everyone for who they are and what they want to become.

Welcome to a culture of inclusion

Were committed to creating a culture that truly respects and celebrates each others talents backgrounds cultures opinions and goals. We foster a culture of inclusion and belonging through learning cultural awareness activities and Employee Resource Groups (ERGs). With global chapters ERGs are a cornerstone for our culture of inclusion. The talent of our people is one of AIGs greatest assets and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.

AIG provides equal opportunity to all qualified individuals regardless of race color religion age gender gender expression national origin veteran status disability or any other legally protected categories.

AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities. If you believe you need a reasonable accommodation please send an email to .

Functional Area: