American Express Careers

Web Engineer- Application Security

Phoenix, Arizona
Digital Commerce Technology

Apply Get Referred

Job Description

This role is responsible for acting as a member of the Application Security Management program. The Application Security Management team services multiple organizations to scan applications for vulnerabilities and work with application teams to reduce risks within American Express.  To support these efforts, the program focuses on developer education, static analysis security testing (SAST), dynamic analysis security testing, (DAST) as well as program governance.  
Responsibilities of this position will include but not be limited to the following:
  • Act as technical liaison between Application Security and application development teams, including guiding teams towards strong application security practices and remediating known risks.
  • Implement automation efforts to reduce manual workload and deliver results to customers effectively
  • Develop and implement continuous service improvements to Application Security Management program
  • Delivers next generation application security controls, socializing with application teams to ensure strong adoption and solves technical barriers with tools and processes
  • Works individually and with teams on both structured and unstructured assignments
  • May participate as subject matter expert or lead multiple moderately complex initiatives
  • May be required to provide off hours support


The successful candidate will be a results driven, flexible team member possessing the following required qualifications:
  • Preferably holds a Bachelor's degree in Computer Science, Information Systems, or other related field (or equivalent work experience).
  • Proficient knowledge of web development, including but not limited to Ruby, advanced JavaScript libraries (React, Angular, Knockout), Node.JS, JQuery, Object-Oriented Design, Web Services (REST/SOAP)
  • Good working knowledge of code versioning tools like Git and continuous delivery tools like Jenkins, Maven, or Ant
  • Professional Audit or Information Security certification (e.g. CISA, CISSP, CISM, etc.) is a plus
  • Knowledge of security frameworks, standards, and best practices (i.e. OWASP, NIST, PCI, ISO, COBIT, COSO, CMMI) is a plus
  • Typically possesses prior IT and business work experience with exposure to various technical environments and business segments, and some experience working with auditors and regulators. 
  • Superior skill in organizing, managing and interpreting data
  • Proven communication skills, the ability present information clearly and concisely to all levels of management both formally and informally
  • Requires experience in analyzing large amounts of data, interpreting results, and making recommendations
  • Strong communication and experience working across teams to achieve goals
  • Strong time management skills, and the ability to prioritize and multi-task. 
  • In-depth experience with desktop software and office automation tools

Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.


ReqID: 18004942
Schedule (Full-Time/Part-Time): Full-time
Apply Get Referred