Enterprise IAM Architect, Global

About the role

Enterprise IAM Architect, Global Location: can be based in one of our AIG offices in London (UK), Dublin (Ireland), Reston, VA (USA), or Charlotte, NC (USA) Make your mark in Information Technology At AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Security Office (ISO) works closely with the Information Technology (IT) team equipping our colleagues with the latest tools to complete their work efficiently, with the highest standards of excellence. The team is responsible for shielding the company's systems from security risks, while designing technology strategies that enable AIG's businesses to achieve their goals. Innovation in IT drives innovation across the organization. How you will create an impact The Enterprise IAM Architect is accountable for defining and governing the enterprise Identity and Access Management (IAM) target state and shaping the transformation portfolio required to achieve it. This role sits within the Information Security Office (ISO), within the Enterprise Security Architecture function, focusing on process design, risk reduction, control effectiveness, and measurable business value. AIG currently operates an identity ecosystem that includes (as representative examples) technologies such as Microsoft Entra ID, hybrid Active Directory, Okta (Workforce and Customer Identity), SailPoint IdentityIQ (IIQ), Microsoft Intune, Windows Hello for Business, and HYPR. These are examples of the current operating environment; however, the role is not product-bound and is expected to remain outcome- and value-led. Delivery & Engagement Model IAM delivery execution is managed through the ISO Program Management Office (PMO) in partnership with the relevant engineering, operational teams (e.g. IAM, security, infrastructure, and applications) and the business. This role shapes and governs delivery by defining architectural intent, control outcomes, sequencing, and design governance-ensuring initiatives remain aligned to roadmap objectives and value/risk outcomes. The Global, Enterprise IAM Architect will focus on group managed entities (e.g. US, EMEA and UK) and will support and guide the non-group managed entities (e.g. Israel, China). Strategic Accountability You will be accountable for: Defining and maintaining the workforce IAM and customer IAM (CIAM) strategy and target-state architecture Developing and governing multi-year roadmaps, including transition states and sequencing Working with other domain leads and architects to define IAM-related projects and transformation initiatives Translating capability gaps and risk exposure into structured, fundable initiatives aligned to enterprise priorities Establishing outcome measures and architectural guardrails to ensure initiatives deliver measurable risk and control improvements Providing architectural governance and approval for identity-related initiatives, including standards, patterns, design reviews, and exception management Ensuring alignment with wider enterprise security architecture direction, risk appetite, and regulatory obligations Owned Accountability In collaboration with other domain leads, architects, delivery stakeholders, operations, engineering and the ISO PMO, you own the development of identity-related project and program charters, including: Strategic rationale and business justification Risk reduction objectives and control outcomes Scope boundaries, assumptions, and architectural intent Success metrics and measurable value realization Dependencies, sequencing, and transition planning Alignment to enterprise portfolio/funding governance processes You will ensure initiatives are well-framed, justifiable, architecturally coherent, and outcome-based before entering execution. Core Responsibilities Identity & Access Architecture & Control Design Define the workforce IAM and CIAM target state architectures, controls, standards, principles, and design patterns Develop identity response strategies for emerging technologies, including IAM implications for Agentic AI and autonomous systems (e.g. non-human identities) Authentication & Endpoint-Integrated Identity Define and steer phishing-resistant and passwordless strategy (e.g., FIDO2/WebAuthn, device-bound authentication, platform authenticators) Define endpoint-integrated trust models in partnership with endpoint/EUC teams (e.g., Intune device posture, compliant device enforcement, conditional access integration) Technology Optimization, Value Realization & ROSI As part of ongoing architecture governance, continuously evaluate and re-evaluate identity technologies and investments to maximise Return on Security Investment (ROSI), drive cost efficiency, identify optimisation opportunities, and ensure spend is aligned to measurable risk and control outcomes Ensure business cases and charters quantify expected value (risk reduction, incident reduction, operational efficiencies, productivity im