Location: can be based in one of our AIG offices in London (UK), Dublin (Ireland), Reston, VA (USA), or Charlotte, NC (USA)
How You Will Create An Impact
The Enterprise IAM Architect is accountable for defining and governing the enterprise Identity and Access Management (IAM) target state and shaping the transformation portfolio required to achieve it. This role sits within the Information Security Office (ISO), within the Enterprise Security Architecture function, focusing on process design, risk reduction, control effectiveness, and measurable business value. AIG currently operates an identity ecosystem that includes technologies such as Microsoft Entra ID, hybrid Active Directory, Okta (Workforce and Customer Identity), SailPoint IdentityIQ (IIQ), Microsoft Intune, Windows Hello for Business, and HYPR. These are examples of the current operating environment; however, the role is not product-bound and is expected to remain outcome‑and‑value‑led.
Delivery & Engagement Model
IAM delivery execution is managed through the ISO Program Management Office (PMO) in partnership with the relevant engineering, operational teams (e.g. IAM, security, infrastructure, and applications) and the business. This role shapes and governs delivery by defining architectural intent, control outcomes, sequencing, and design governance—ensuring initiatives remain aligned to roadmap objectives and value/risk outcomes.
The Global, Enterprise IAM Architect will focus on group managed entities (e.g. US, EMEA and UK) and will support and guide the non‑group managed entities (e.g. Israel, China).
Strategic Accountability
You Will Be Accountable For
Defining and maintaining the workforce IAM and customer IAM (CIAM) strategy and target‑state architecture
Developing and governing multi‑year roadmaps, including transition states and sequencing
Working with other domain leads and architects to define IAM‑related projects and transformation initiatives
Translating capability gaps and risk exposure into structured, fundable initiatives aligned to enterprise priorities
Establishing outcome measures and architectural guardrails to ensure initiatives deliver measurable risk and control improvements
Providing architectural governance and approval for identity‑related initiatives, including standards, patterns, design reviews, and exception management
Ensuring alignment with wider enterprise security architecture direction, risk appetite, and regulatory obligations
Owned Accountability
In Collaboration With Other Domain Leads, Architects, Delivery Stakeholders, Operations, Engineering And The ISO PMO, you own the development of identity‑related project and program charters, including
Strategic rationale and business justification
Risk reduction objectives and control outcomes
Scope boundaries, assumptions, and architectural intent
Success metrics and measurable value realization
Dependencies, sequencing, and transition planning
Alignment to enterprise portfolio/funding governance processes
You will ensure initiatives are well‑framed, justifiable, architecturally coherent, and outcome‑based before entering execution.
Core Responsibilities
Identity & Access Architecture & Control Design
Define the workforce IAM and CIAM target state architectures, controls, standards, principles, and design patterns
Develop identity response strategies for emerging technologies, including IAM implications for Agentic AI and autonomous systems (e.g. non‑human identities)
Authentication & Endpoint‑Integrated Identity
Define and steer phishing‑resistant and passwordless strategy (e.g., FIDO2/WebAuthn, device‑bound authentication, platform authenticators)
Define endpoint‑integrated trust models in partnership with endpoint/EUC teams (e.g., Intune device posture, compliant device enforcement, conditional access integration)
Technology Optimization, Value Realization & ROSI
Continuously evaluate and re‑evaluate identity technologies and investments to maximise Return on Security Investment (ROSI), drive cost efficiency, identify optimisation opportunities, and ensure spend is aligned to measurable risk and control outcomes
Ensure business cases and charters quantify expected value (risk reduction, incident reduction, operational efficiencies, productivity improvements, audit outcomes)
IAM Sourcing & Operating Model
Play an active role in defining and shaping the IAM sourcing approach and operating model
Define architecture‑led evaluation criteria and control outcomes to support build/buy/partner decisions
Define and validate service boundaries, accountabilities (RACI), and governance forums
Shape system integrator and managed service engagement models (where applicable) to ensure quality, control effectiveness, auditability, and sustainable run‑state operations
Governance & Partner Oversight
Provide architectural oversight of system integration partners and consultancies, validating deliverables and ensuring alignment to enterprise standards and target‑state intent
Ensure alignment to enterprise security architecture frameworks (e.g., SABSA, TOGAF) and industry frameworks (e.g., NIST, ISO/IEC), producing audit‑defensible designs
Required Experience And Qualifications
In‑depth experience in cybersecurity and/or identity architecture (IAM/CIAM), including enterprise‑scale transformation
Proven experience defining enterprise IAM/CIAM strategy, target‑state architecture, and roadmaps
Demonstrable experience shaping initiatives and developing project/program charters for portfolio governance and funding
Experience working effectively with PMO/program governance functions
Experience working with system integrators and consultancies, including architectural oversight and design authority engagement
Strong knowledge of workforce and/or customer identity platforms and controls—examples include Entra ID, hybrid AD, Intune, Windows Hello for Business, Okta, SailPoint IIQ, HYPR (or equivalent)
Knowledge of industry frameworks (NIST, ISO/IEC) and control‑driven design in regulated environments
Strong stakeholder management and executive communication skills (risk/value trade‑offs, decision support, influencing without direct authority)
Core Competencies
Mastery level knowledge of workforce IAM and customer IAM
Experience of defining defendable / resilient security architectures
Risk- and controls‑driven architecture with measurable outcomes
Technology‑agnostic judgement; capability‑first design
ROSI‑led decision making and value realization thinking
Governance and design authority leadership
Cross‑functional influence without direct delivery ownership
Executive communication and facilitation of decisions and trade‑offs
Enjoy Benefits That Take Care Of What Matters
At AIG, our people are our greatest asset. We know how important it is to protect and invest in what’s most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security—as well as your professional development—to bring peace of mind to you and your family.
AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories. AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities. If you believe you need a reasonable accommodation, please send an email to candidatecare@aig.com.
Functional Area
IT - Information Technology
#J-18808-Ljbffr