Investigate potential cyber-attacks and intrusion attempts. - Leverage aggregated cyber threat intelligence, log, network flow, and anomaly data for analysis, research and the identification of potential compromise within AIG’s infrastructure or applications. - Perform root cause analysis to identify gaps and provide technical and procedural recommendations that will reduce AIG’s exposure to cyber-risks. - Prioritize incoming requests to minimize risk exposure and ensure the timely completion of critical tasks and the escalation of time-sensitive issues. - Support the development and maintenance of documented play-book procedures, knowledge articles, and training material. - Create detailed incident and analysis reports, and provide concise summaries for management. - Communicate effectively with other stakeholders of our incident response efforts, including representatives of the business units, technology specialists, vendors, and others. - Contribute to our efforts to drive continuous improvement by recommending and collecting various key metrics for reporting to senior management on Incident Response. Requirements: - An understanding of cyber security operations processes, procedures, guidelines and solutions, including practical experience of cyber kill chain principles - In-depth understanding of Windows, UNIX, and Linux operating systems, networking, malware defenses, and perimeter controls. - Knowledge of TCP/ IP networking and core Internet protocols such as UDP, ICMP, DNS, FTP, SMTP, HTTP, SNMP, etc. - Ability to contribute to the development of SIEM use cases. - Strong oral and written communications skills (e.g., technical writing, user guide development, requirements analysis) and ability to interact effectively with technical and non-technical audiences, as well as present in front of small and large groups. - Understanding of how to read and interpret malware analysis reports. - Self-starter with a sense of urgency who takes ownership and responsibility for service delivery - Works independently with minimal guidance to drive projects to completion, while also working collaboratively with the team to achieve strategic goals - Professional, clear, and concise communication to both technical and non-technical audiences - Strong deductive reasoning, critical thinking, problem solving, prioritization, and consultative skills - Proven organizational skills (time management and prioritization), and also employ a rigorous process for all follow-up / coordination activities - Comfortable working in a dynamic environment, balancing multiple incidents, special projects, and other activities. - Ability to deal diplomatically and effectively at all levels of the business including both technical and non-technical staff, management and senior leadership. - Willingness to support and develop junior team members while also delivering on candidate’s own responsibilities. - Bachelor’s degree or equivalent practical experience is preferred. - Experience with security monitoring, event and anomaly analysis and intrusion detection/ prevention techniques and an in-depth understanding of Python.