The IAM EMEA Regional Lead role will be the focal point for effective engagement between EMEA region and the Enterprise IAM function under the ISO (Information Security Organization). This role will be a trusted advisor to senior business and technology stakeholders and provide broad knowledge of Identity & Access Management strategies, policies, processes, architecture and road maps to enable the region to understand and meet IAM requirements.
The Regional Lead role will report into the IAM organization and have dotted line reporting to the Regional CISO and work closely with the region, supporting to operate within IAM and ISO’s risk appetite. S/He will be an essential business partner and will take responsibility for the assessing and managing IAM security risk for the region. This role will focus on ensuring that IAM is considered in respect of all elements of the region and will be required to support business units with the design and implementation of central IAM strategies related to security best practices, audit, regulatory and compliance requirements, operational efficiencies, and user experience.
- Build maintain effective relationship with EMEA’s Business and Technology stakeholders. Be the voice of IAM in the region and the voice of the region within IAM.
- Own and communicate the regional roadmap for IAM aligned with AIG’s risk appetite and overall IAM roadmap. Align IAM responsibilities and working practices of regions with IAM, identify and resolve risks and issues.
- Collaborate and drive the delivery of IAM services and initiatives in the region to support compliance activities, security audits, improve security capability & maturity, delivery of services such as Identity Governance, Access Management and Privileged Access Management
- Collate demand for IAM and collaborate across the IAM team to balance supply and demand of security and regional resources.
- Present in regional meetings and manage stakeholders that include the regional CIOs, CISOs and other leaders.
- Contribute to short term and long term strategic road maps for the region and ensure goals and initiatives are aligned with the IAM mission, vision and objectives
- Contribute to regional planning, awareness and education.
- Demonstrate to stakeholders that appropriate controls are in place and own/create actions plans to manage improvement or change where necessary.
- Advise stakeholders on how to achieve the relevant controls and assist with solutions to support them.
- Where necessary ensure that processes are documented and communicated in language that is relevant and understandable to international and /or non-technical audiences.
- Ensure all proposed technical solutions uphold regional requirements and maintain the integrity of the solution
- Support and deliver IAM initiatives as needed and be in a position to demonstrate and track progress to stakeholders.
- Raise the profile of IAM within the organization by being pro-actively involved with stakeholders and customers.
- Manage EMEA security incidents related to IAM by working closely with regional stakeholders.
- Identify opportunities and outline action plans to improve how existing IAM solutions are implemented
- Work with the broader IT security, risk and compliance organization to interpret policies and standards, ensuring policies and standards are properly followed by new and existing IAM solutions
- Contribute to conducting POCs, evaluation, selection and configuration of IAM products and services from vendors
- Contribute to strategy, roadmap, budget and resource planning exercises
- Any other duties as related to IAM and as required by the needs of the region.
- Experience in a similar role in a large international organisation
- Significant experience with Identity and Access Management (IAM) or broader Cybersecurity platforms, solutions and services
- Ability to interact with a diverse set of stakeholders (incl. technical and business executives), build good relationships at all levels and across all business units and organisations, and the ability of influence stakeholders of all levels
- Excellent verbal, written and interpersonal communication skills. Listens and communicates technical subjects to both technical and nontechnical audiences, flexes style to suit the needs of the audience.
- Ability to prioritize and succeed on multiple assignments simultaneously, in a fast-paced and highly challenging environment.
- Ability to work with others effectively, with 3rd parties, internal teams, and international business units, promoting knowledge sharing within and across teams.
- Highly self-motivated and directed, with keen attention to detail.
- Excellent knowledge of IAM lifecycle, including but not limited to, request & approval, provisioning, certification, authentication & authorization, privileged access management, RBAC & ABAC
- Working knowledge of SailPoint, Okta, CA PAM, CyberArk, Blueprism or equivalent
- A good understanding of Security frameworks including ISO27001/NIST/SANs.
- Have a relevant industry certification such as CISSP, CISM, CRISC or similar.
- Some knowledge with NIST, PCI, ISO 27001 or similar frameworks and standards
- BA/BS degree in Computer Science, Engineering, or related discipline
- Ability to travel, which is generally no more than 6 times a year, as needed
Key Working Relationships:
- IAM Service Leads, Architects and Engineers for IAM solution development
- Regional CISOs, Enterprise Architects, Cloud Architects and Security Architects
- Project managers assigned to the IAM program
- Vendors that provide IT security products and consulting companies that support implementations
- Regional Application Owners and Business Analysts to integrate system resources with IAM solutions
- Regional Technology Infrastructure teams
- Infrastructure Managers regarding AIG enterprise technology infrastructure and standards
- IAM Program stakeholders
It has been and will continue to be the policy of American International Group, Inc., its subsidiaries and affiliates to be an Equal Opportunity Employer. We provide equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.
At AIG, we believe that diversity and inclusion are critical to our future and our mission – creating a foundation for a creative workplace that leads to innovation, growth, and profitability. Through a wide variety of programs and initiatives, we invest in each employee, seeking to ensure that our people are not only respected as individuals, but also truly valued for their unique perspectives.
Functional Area:IT - Information TechnologyEstimated Travel Percentage (%): Up to 25%Relocation Provided: NoAIG Europe S.A. (U.K. Service Branch) & American International Group UK Ltd