American Express Careers
VP Technology IV
Job Description
Qualifications
VP Encryption & Key Management
Description
The Vice
President of Encryption and Key Management will be accountable for establishing,
leading and running the Encryption and Key Management Programs at American
Express. The VP will be responsible for
delivery of Information Security Data Protection activities for American
Express globally, specifically:
·
Cryptography key management, Architecture, Design and Operations
·
Cryptographic Payment and Non Payment Solutions & Modernization
·
Encryption Migration Program
·
Enterprise infrastructure and software usage of cryptography
·
Driving
innovation and expanded adoption of cryptography across enterprise
infrastructure, application development, and all secure communication channels.
The
role will report into the SVP of IT Risk and Information Security and will
partner closely with the Chief Information Security Officer, and teams across
the enterprise in enhancing the operations of the Enterprise Data Encryption Program.
The VP of Data Encryption and Key Management will have the
following responsibilities:
·
Own and drive continuous improvements across the American Express Data Encryption
Program
o Optimize Data Protection process
maturity consistent with threat, legal and regulatory requirements
o Deliver leadership
reporting and risk metrics that drive Data Encryption awareness & cultural
change across the company
o Respond to audit and
examination requirements for the Data Encryption function
·
Lead the Key Management Center of Excellence function
o Design and implement key
management strategy that proactively protects American Express against
information security attacks
o Review Enterprise Key
management practices, policies and recommend amendments to existing policies to
align with Industry best practices
o Set strategic vision and
roadmap for the Security Cryptography function
o Consult on Business &
Technologies projects to ensure appropriate cryptography is delivered as part
of any solution
·
Drive the talent strategy (acquisition, development & retention) across
Data Encryption and Key management functions
·
Knowledge and experience with the following
technologies: Certificate management, Hardware Security Modules (HSMs),
Distributed Key Management System (DKMS), Cryptographic Cards, Integrated
Cryptographic Service Facility (ICSF), Trusted Key Entry (TKE)
·
Operate as part of the extended IT Risk and Information Security
leadership team in support of all information security and risk management
initiatives
·
Comprehensive design and implementation of
cryptographic components for global payments systems.
Preferred Qualifications:
·
Industry experience with proficiency in Cryptographic Payment and Non
Payment Solutions, Identity & Access Management and compliance based data encryption
strategies
·
10-15 years of relevant and progressive leadership experience in Security
Engineering, Information Security or Cyber Operations, Governance, Risk and Compliance
in a large financial services organization
·
Experience in leading and developing large teams in a 24*7 operational
environment
·
Thought leader with the ability to effectively manage risk and
pro-actively develop security strategies
·
Proven ability in developing and maintaining strong relationships in a
complex multi-national corporation
·
Strong problem solver with the ability to use analytical methods to
affect change
·
Effective organizational skills (including attention to detail) and
change management experience
·
Strong written and oral communication skills including the
communication of complex technical issues & concepts to non-technical staff
·
Demonstrated skills in expense management, financial planning and other
financial control for budgets
·
Aligned with American Express Leadership Behaviors
·
Remains calm under pressure
·
Knowledge and relationships across the Information Security industry
ReqID: 18009415
Schedule (Full-Time/Part-Time): Full-time