Job Description
Enterprise IAM Architect, GlobalLocation: can be based in one of our AIG offices in London (UK), Dublin (Ireland), Reston, VA (USA), or Charlotte, NC (USA)Make your mark in Information TechnologyAt AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Security Office (ISO) works closely with the Information Technology (IT) team equipping our colleagues with the latest tools to complete their work efficiently, with the highest standards of excellence. The team is responsible for shielding the company's systems from security risks, while designing technology strategies that enable AIG's businesses to achieve their goals. Innovation in IT drives innovation across the organization.How you will create an impactThe Enterprise IAM Architect is accountable for defining and governing the enterprise Identity and Access Management (IAM) target state and shaping the transformation portfolio required to achieve it. This role sits within the Information Security Office (ISO), within the Enterprise Security Architecture function, focusing on process design, risk reduction, control effectiveness, and measurable business value.AIG currently operates an identity ecosystem that includes (as representative examples) technologies such as Microsoft Entra ID, hybrid Active Directory, Okta (Workforce and Customer Identity), SailPoint IdentityIQ (IIQ), Microsoft Intune, Windows Hello for Business, and HYPR. These are examples of the current operating environment; however, the role is not product-bound and is expected to remain outcome- and value-led.Delivery & Engagement ModelIAM delivery execution is managed through the ISO Program Management Office (PMO) in partnership with the relevant engineering, operational teams (e.g. IAM, security, infrastructure, and applications) and the business. This role shapes and governs delivery by defining architectural intent, control outcomes, sequencing, and design governance-ensuring initiatives remain aligned to roadmap objectives and value/risk outcomes.The Global, Enterprise IAM Architect will focus on group managed entities (e.g. US, EMEA and UK) and will support and guide the non-group managed entities (e.g. Israel, China).Strategic AccountabilityYou will be accountable for:Defining and maintaining the workforce IAM and customer IAM (CIAM) strategy and target-state architectureDeveloping and governing multi-year roadmaps, including transition states and sequencingWorking with other domain leads and architects to define IAM-related projects and transformation initiativesTranslating capability gaps and risk exposure into structured, fundable initiatives aligned to enterprise prioritiesEstablishing outcome measures and architectural guardrails to ensure initiatives deliver measurable risk and control improvementsProviding architectural governance and approval for identity-related initiatives, including standards, patterns, design reviews, and exception managementEnsuring alignment with wider enterprise security architecture direction, risk appetite, and regulatory obligationsOwned AccountabilityIn collaboration with other domain leads, architects, delivery stakeholders, operations, engineering and the ISO PMO, you own the development of identity-related project and program charters, including:Strategic rationale and business justificationRisk reduction objectives and control outcomesScope boundaries, assumptions, and architectural intentSuccess metrics and measurable value realizationDependencies, sequencing, and transition planningAlignment to enterprise portfolio/funding governance processesYou will ensure initiatives are well-framed, justifiable, architecturally coherent, and outcome-based before entering execution.Core ResponsibilitiesIdentity & Access Architecture & Control DesignDefine the workforce IAM and CIAM target state architectures, controls, standards, principles, and design patternsDevelop identity response strategies for emerging technologies, including IAM implications for Agentic AI and autonomous systems (e.g. non-human identities)Authentication & Endpoint-Integrated IdentityDefine and steer phishing-resistant and passwordless strategy (e.g., FIDO2/WebAuthn, device-bound authentication, platform authenticators)Define endpoint-integrated trust models in partnership with endpoint/EUC teams (e.g., Intune device posture, compliant device enforcement, conditional access integration)Technology Optimization, Value Realization & ROSIAs part of ongoing architecture governance, continuously evaluate and re-evaluate identity technologies and investments to maximise Return on Security Investment (ROSI), drive cost efficiency, identify optimisation opportunities, and ensure spend is aligned to measurable risk and control outcomesEnsure business cases and charters quantify expected value (risk reduction, incident reduction, operational efficiencies, productivity improvements, audit outcomes)IAM Sourcing & Operating ModelPlay an active role in defining and shaping the IAM sourcing approach and operating modelDefine architecture-led evaluation criteria and control outcomes to support build/buy/partner decisionsDefine and validate service boundaries, accountabilities (RACI), and governance forumsShape system integrator and managed service engagement models (where applicable) to ensure quality, control effectiveness, auditability, and sustainable run-state operationsGovernance & Partner OversightProvide architectural oversight of system integration partners and consultancies, validating deliverables and ensuring alignment to enterprise standards and target-state intentEnsure alignment to enterprise security architecture frameworks (e.g., SABSA, TOGAF) and industry frameworks (e.g., NIST, ISO/IEC), producing audit-defensible designsRequired Experience and Qualificationsin depth experience in cybersecurity and/or identity architecture (IAM/CIAM), including enterprise-scale transformationProven experience defining enterprise IAM/CIAM strategy, target-state architecture, and roadmapsDemonstrable experience shaping initiatives and developing project/program charters for portfolio governance and fundingExperience working effectively with PMO/program governance functionsExperience working with system integrators and consultancies, including architectural oversight and design authority engagementStrong knowledge of workforce and/or customer identity platforms and controls-examples include Entra ID, hybrid AD, Intune, Windows Hello for Business, Okta, SailPoint IIQ, HYPR (or equivalent)Knowledge of industry frameworks (NIST, ISO/IEC) and control-driven design in regulated environmentsStrong stakeholder management and executive communication skills (risk/value trade-offs, decision support, influencing without direct authority)Core CompetenciesMastery level knowledge of workforce IAM and customer IAMExperience of defining defendable / resilient security architecturesRisk- and controls-driven architecture with measurable outcomesTechnology-agnostic judgement; capability-first designROSI-led decision making and value realization thinkingGovernance and design authority leadershipCross-functional influence without direct delivery ownershipExecutive communication and facilitation of decisions and trade-offs AIG, we value in-person collaboration as a vital part of our culture, which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive, connected environment for our team and clients alike.Enjoy benefits that take care of what mattersAt AIG, our people are our greatest asset. We know how important it is to protect and invest in what's most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security-as well as your professional development-to bring peace of mind to you and your family.Reimagining insurance to make a bigger difference to the worldAmerican International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world's most far-reaching property casualty networks. It is an exciting time to join us - across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them to manage risk, respond to times of uncertainty and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become.Welcome to a culture of inclusionWe're committed to creating a culture that truly respects and celebrates each other's talents, backgrounds, cultures, opinions and goals. We foster a culture of inclusion and belonging through learning, cultural awareness activities and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone for our culture of inclusion. The talent of our people is one of AIG's greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities. If you believe you need a reasonable accommodation, please send an email to Area:IT - Information TechnologyAmerican International Group UK Limited, Ireland Branch & AIG Europe S.A. (Ireland Branch)