Principal Engineer, PKI

At AIG, we are reimagining the way we help customers to manage risk. Join us as a Principal Engineer, PKI to play your part in that transformation. It’s an opportunity to grow your skills and experience as a valued member of the team.Make your mark in Information TechnologyAt AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Technology team equips our colleagues with the latest tools to complete their work efficiently and with the highest standards of excellence. The team is responsible for shielding the company’s systems from security risks, while designing technology strategies that enable AIG’s businesses to achieve their goals. AIG’s Information Technology functions include enterprise architecture, software and systems engineering, cybersecurity, and technology risk and compliance.How you will create an impactThe Principal Engineer plays a crucial role in managing and monitoring all aspects of public key infrastructure (PKI) services. You will provide strategic direction and leadership for AIG’s PKI and Certificate management program providing subject matter expertise and in-depth knowledge of PKI products, technologies, and best practices. You will partner closely with Identity & Access Management (IAM) architects and application owners to implement PKI solutions that are aligned with enterprise IT strategies.ResponsibilitiesLead the infrastructure protection strategy to create, evolve, and secure our internal Public Key Infrastructure (PKI) and credential management security strategyCreate design components, develop code, and test changes using test-driven development methodologiesSME and technical lead for Internal Certificate Authority and PKI implementationProvide subject matter expertise in resolving complex problems related to infrastructure and PKIManage, secure, engineer and provide governance for key and certificate management services, including supporting robust, enterprise-grade Public Key Infrastructure (PKI), certificate lifecycle management (CLCM), infrastructure automation and credential management (CMS) systems.Manage hardware security modules (HSMs) and Key ManagementImplement and maintain an automated certificate renewal program; capture use-cases for certificate revocation, enrollment & renewal processesMonitor creation of encryption keys to ensure they are protected against modification, and private keys are protected against unauthorized disclosureContribute to the design of new Entra ID infrastructure from PKI perspectiveDefine Trust Strategies and understand security and governance requirements for Certification AuthoritiesWhat you'll need to succeed BA/BS in Cybersecurity, Information Technology, or related field; advanced degree preferred, Computer Science, Computer Engineering or Related Field.12+ years of IT experience, 8+ years' experience designing, deploying, and supporting PKI environments in a Windows domain. Experience deploying internal certificate authorities, issuing external certificates from external certificate authorities and installing certificates on systems, and building out and maintaining certificate authority databases, as well as designing, deploying, and supporting the use of smart cards for system authenticationSound knowledge and experience in Enterprise Architecture, Strategy, and IT SecurityStrong understanding of IAM domain including Access Management, Authentication, and Key Management implementationsKnowledge in Keyfactor and Entrust products is preferredStrong experience with PKI automation and Certificate lifecycle managementAbility to lead projects through full lifecycle, including requirements gathering, architecture and design, scoping, implementation, and operationalizationDemonstrated experience implementing PKI for large firmsRelevant certifications (PKI, CISSP, KMS) is a plusIn-depth knowledge of PKI principles with subject matter expertise in developing best practices around standardized management of access controls Understanding of IAM relevant technical security skills, such as Identity Governance, Single Sign-On and authentication, Multi-Factor Authentication, Microsoft and AD tools for Access Management and controls, Privileged access management, and AWS securityAdvanced understanding of the broader impact of Information Security from a business perspectiveExcellent analytical skills with high attention to detail and accuracyStrong problem-solving skills, with the ability to identify root causes and develop solutionsExcellent leadership, communication, and collaboration skillsAbility to articulate complex technical concepts, both verbal and written to non-technical stakeholdersStrong interpersonal skills, with the ability to work with many levels of management and across multiple lines of business and corporate functionsExperience managing global teams that include employees and vendorsExperience managing vendors driving SLAsSkilled in handling stressful situations with perseverance and professionalismAbility to guide teams through complex issues and drive resolution for issuesAbility to build project plans, translate directives, and present project deliverables to upper managementAbility to think strategically, balancing long and short-term prioritiesA high degree of adaptability/flexibilityWillingness to challenge business operating models when necessaryReady to step up to new challenges? We would love to hear from you.For positions based in Jersey City, NJ, the base salary range is $126,000-$171,000. For positions based in Colorado, the base salary range is $146,000-$160,000. In addition, the position is eligible for a bonus in accordance with the terms of the applicable incentive plan. In addition, we’re proud to offer a range of competitive benefits, a summary of which can be viewed here: New_Hire_Benefits_Overview_202.pdf (sprinklr.com)#LI-CN1Enjoy benefits that take care of what mattersAt AIG, our people are our greatest asset. We know how important it is to protect and invest in what’s most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security—as well as your professional development—to bring peace of mind to you and your family.Reimagining insurance to make a bigger difference to the worldAmerican International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world’s most far-reaching property casualty networks. It is an exciting time to join us — across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them to manage risk, respond to times of uncertainty and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become.Welcome to a culture of belongingWe’re committed to creating a culture that truly respects and celebrates each other’s talents, backgrounds, cultures, opinions and goals. We foster a culture of inclusion and belonging through our flexible work arrangements, diversity and inclusion learning, cultural awareness activities and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone for our culture of inclusion. The diversity of our people is one of AIG’s greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities.  If you believe you need a reasonable accommodation, please send an email to candidatecare@aig.com.  Functional Area:IT - Information TechnologyEstimated Travel Percentage (%): No TravelRelocation Provided: NoAIG Employee Services, Inc.SummaryLocation: NJ-Jersey City; CO-Denver; GA-Atlanta; TX-Houston; NC-Charlotte; IL-Chicago; TX-DallasType: Full time