Description:

Position Overview:
The ideal candidate for this senior role within AIG's Data, Digital, and Cyber Legal Group is a highly experienced cybersecurity attorney with significant expertise managing complex incident response, negotiating and drafting technology and cybersecurity‑related agreements, and advising on regulatory compliance across the financial‑services sector. This attorney will play a key leadership role in shaping enterprise‑wide cyber risk strategy, supporting global business initiatives, and ensuring compliance with evolving regulatory expectations.

The candidate will deliver strategic, pragmatic legal guidance that both protects the organization and enables business innovation. This role requires a sophisticated understanding of cyber threats, regulatory frameworks, operational risk, and the unique challenges facing a global financial institution.

Key Responsibilities:
Regulatory Compliance & Engagement

Provide sophisticated counsel on U.S. and global cybersecurity regulations applicable to financial institutions.
Serve as a primary point of legal contact for cybersecurity‑related inquiries from financial‑services regulators, including responding to exams, supervisory requests, and regulatory reporting obligations.
Monitor global regulatory developments and proactively advise leadership on required compliance enhancements.

Cybersecurity & Incident Response

Lead legal strategy for cybersecurity incidents, including directing complex, multi‑jurisdictional incident response, coordinating with internal stakeholders, regulators, third‑party forensic firms, and law enforcement as needed.
Develop and refine enterprise incident response protocols, including tabletop exercises, crisis‑management structures, and regulatory notification workflows.
vise on legal risks related to ransomware, data breaches, network intrusions, vendor incidents, and emerging cybersecurity threats.

Commercial Contracting

Draft, negotiate, and advise on a wide range of vendor and client facing cybersecurity‑related agreements.
Partner with procurement, security, technology, and business stakeholders to ensure contractual controls align with enterprise risk and regulatory expectations.

Strategic Advisory & Cross‑Functional Leadership

Serve as a trusted advisor to the CISO organization, technology leadership, and operational risk teams on cybersecurity and data‑risk strategy.
Promote a positive, collaborative culture within the GLCR department and act as a thought leader across the company and the broader cybersecurity legal community.

Qualifications:

J.D. from an accredited U.S. law school and active license to practice law.
10+ years of legal experience, including significant experience supporting incident response and advising on cyber‑risk management for a complex, highly regulated organization.
Deep knowledge of cybersecurity laws, regulations, and regulatory expectations applicable to financial services.
Extensive experience drafting and negotiating technology and cybersecurity‑related contracts.
Exceptional communication, problem‑solving, and crisis‑management skills; ability to advise senior leaders under pressure.
Highly collaborative, adaptive, and business‑focused approach.
CIPP‑US, CISSP, or other cybersecurity/privacy certification preferred, but not required.

The base salary range for this position is $170,000-$200,000 and the position is eligible for a bonus in accordance with the terms of the applicable incentive plan. In addition, we're proud to offer a range of competitive benefits, a summary of which can be viewed here: US Benefits (https://sprcdn-assets.sprinklr.com/248/7cae7257-96d1-4207-bc2c-e1b8447826e3-220371966/2026_AIG_Benefits_Overview.pdf)

At AIG, we value in-person collaboration as a vital part of our culture, which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive, connected environment for our team and clients alike.