Senior Cyber Defense Incident Responder
AIG is seeking a highly skilled cyber-defense expert to join AIG’s Detect & Response team. The Senior Cyber Defense Incident Responder will execute a range of threat discovery and incident response duties. The successful candidate will work as part of a team that conducts investigations into potential and actual cyber-attacks affecting AIG’s global business units, lines of business, or information technology infrastructure. The Detect & Response team encompasses several teams across disciplines including alert validation and tuning, incident response, and cyber threat intelligence. The teams follow a kill chain-aligned operational model, giving the candidate exposure to all elements of an attack lifecycle.

REQUIREMENTS:

• An understanding of cyber security operations processes, procedures, guidelines and solutions, including practical experience of cyber kill chain principles
• In-depth understanding of Windows, UNIX, and Linux operating systems, networking, malware defenses, and perimeter controls.
• Knowledge of TCP/IP networking and core Internet protocols such as UDP, ICMP, DNS, FTP, SMTP, HTTP, SNMP, etc.
• Ability to contribute to the development of SIEM use cases.
• Strong oral and written communications skills (e.g., technical writing, user guide development, requirements analysis) and ability to interact effectively with technical and non-technical audiences, as well as present in front of small and large groups.
• Understanding of how to read and interpret malware analysis reports.
• Self-starter with a sense of urgency who takes ownership and responsibility for service delivery
• Works independently with minimal guidance to drive projects to completion, while also working collaboratively with the team to achieve strategic goals
• Professional, clear, and concise communication to both technical and non-technical audiences
• Strong deductive reasoning, critical thinking, problem solving, prioritization, and consultative skills
• Proven organizational skills (time management and prioritization), and also employ a rigorous process for all follow-up / coordination activities
• Comfortable working in a dynamic environment, balancing multiple incidents, special projects, and other activities.
• Ability to deal diplomatically and effectively at all levels of the business including both technical and non-technical staff, management and senior leadership.
• Willingness to support and develop junior team members while also delivering on candidate’s own responsibilities.
• Bachelor’s degree or equivalent practical experience is preferred.
• Experience with security monitoring, event and anomaly analysis and intrusion detection/ prevention techniques.
  At AIG, we value in-person collaboration as a vital part of our culture, which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive, connected environment for our team and clients alike.

• Investigate potential cyber-attacks and intrusion attempts.
• Leverage aggregated cyber threat intelligence, log, network flow, and anomaly data for analysis, research and the identification of potential compromise within AIG’s infrastructure or applications.
• Perform root cause analysis to identify gaps and provide technical and procedural recommendations that will reduce AIG’s exposure to cyber-risks.
• Prioritize incoming requests to minimize risk exposure and ensure the timely completion of critical tasks and the escalation of time-sensitive issues.
• Support the development and maintenance of documented play-book procedures, knowledge articles, and training material.
• Create detailed incident and analysis reports, and provide concise summaries for management.
• Communicate effectively with other stakeholders of our incident response efforts, including representatives of the business units, technology specialists, vendors, and others.
• Contribute to our efforts to drive continuous improvement by recommending and collecting various key metrics for reporting to senior management on Incident Response.