American Express Careers
Information Security Manager- IT Risk
- Work with key stakeholders within information technology and information security to identify risks and recommend control implementations.
- Lead the performance of design assessments on current technology controls to identify potential improvement opportunities.
- Define metrics to support operating effectiveness conclusions and enable continuous control monitoring.
- Lead the performance of thematic root-cause analysis on recurring technology caused events to identify unmitigated risks and areas for control enhancements.
- Ensure various compliance requirements (SOX, BASEL, GLBA, etc) are met through implementation of controls
- Refine risk libraries and associated questionnaires to ensure business teams are appropriately addressing technology and information security risk.
- Keep up-to-date on new regulations, compliance requirements, and official guidance from industry related organizations.
- Drive creative thinking to generate insights, alternatives, and technical terms within key areas of technology.
- Demonstrate ability to consider multiple viewpoints and bring them to consensus.
Do you have what it takes to lead the way in cyber security?
· Bachelor’s or Master’s Degree in related field preferred.
· CISA, CISM, or CRISC required.
· 5 years of relevant experience required, 10+ years preferred.
· Experience with development and/or assessment of technology and information security controls.
· Expertise in assessing technology risks and development of controls to mitigate risks.
· Expertise in key technology domains including: change management, incident and problem management, event management, SDLC and application development, service continuity/availability.
· Experience in key information security domains including: application security, identity and access management, and IT Asset and Configuration management.
· Experience in automation and data analytics to enable process improvement preferred.
· Banking or Financial Services industry experience preferred.
· Audit and compliance experience preferred.
· Demonstrated ability to effectively engage, lead, educate, influence and collaborate across the enterprise to drive results.
· Exceptional communication skills, both written and presentation.
· Shares expertise and knowledge to support teams.
· Strong interpersonal relationship skills with ability to quickly establish new relationships.
At the core of Information Security.
Every member of our team must be able to demonstrate the following technical, functional, leadership and business core competencies, including:
· Agile Best Practices (Understanding the framework and how to apply)
· Emerging Technologies (Cloud, Blockchain, etc)
· Analytical Thinking (Analyzing complex information and identifying the most relevant details)
· Technical Process Improvement
· Information Risk Management
· Coaching and Mentoring
· Collaboration & Teamwork
· Industry and Company Knowledge
· NIST, ISO, PCI, NYDFS, etc.
· RSA Archer toolset
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.
Why American Express
Talk to our people and you’ll find out what we’re really all about. Inclusive, creative, thorough, collaborative and innovative are just some of the expressions you’ll hear. It’s our culture that makes American Express an outstanding place to work, and a big part of why we regularly win best workplace awards all over the world. If you’re ready to take on a challenge and make an impact, you owe it to yourself to launch or grow your career here.
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other status protected by law.
If the links do not work, please copy and paste the following URLs in a new browser window:
Schedule (Full-Time/Part-Time): Full-time