American Express Careers

Information Security Analyst - Third Party Risk – Application Security (Web & Mobile)

New York, New York; Phoenix, Arizona
Digital Commerce Technology

Apply Get Referred

Job Description

 

 
This position, reporting to the Director of Third Party Risk, will be part of a team responsible for the continuous monitoring of the company’s most critically sensitive third parties.  The team is also responsible for performing in depth technology and information security assessments of critical third parties.
 
The person in this position will be responsible for managing third party application (Web & Mobile) security risk specifically focused on aspects of assessing, monitoring, and reporting on third party risks, process recommendations, testing of program controls.
 
Responsibilities also include:
  • Supporting execution of technical assessments for in-scope third parties
  • Assisting with evaluation of tools / technologies to support monitoring capabilities
  • Performing on-going tracking and monitoring of progress, and assist in management reporting on a periodic basis

Qualifications

  • 5 years’ experience in Information Security and/or Third Party Management
  • Demonstrated expertise in Application Security and Third Party Risk, specifically web and mobile application security, configurations, vulnerability, change management, SDLC
  • Knowledge of DAST and SAST tools, including but not limited to ZAP, BURP, NowSecure, HP Fortify on Demand, WhiteHat, Data Theorem, etc
  • Knowledge of Agile, Waterfall, or Scrum
  • Proficient knowledge of web development, including but not limited to Ruby, advanced JavaScript libraries (React, Angular, Knockout), Node.JS, JQuery, Object-Oriented Design, Web Services (REST/SOAP)
  • Demonstrable experience in solving challenging technical problems in two or more of the following areas:
    • Single Page web application development and Modern web development
    • Unix/Linux environment management
    • Software security
    • Cloud based continuous delivery and environment management
    • Large, distributed system development
    • Processing and analyzing large data sets
  • Demonstrable experience with JavaScript, Java, .NET, AWS, Functional programming, SQL, MongoDB, CouchDB, Neo4J, Hadoop, Cassandra, DynamoDB, ElasticSearch, Solr
  • Self-motivated team player with the ability to handle multiple work streams and support various team member collaborative projects to completion  
  • Ability to effectively collaborate across teams
  • Ability to quickly come up to speed in any area, sufficient to speak with an informed opinion and create a credible impression with stakeholders 
  • Effectively seeking and utilizing feedback from leaders and mentors to address skill gaps
  • Ability to clearly present options and make compelling recommendations, using persuasion to gain agreement or pitch an idea
  • Involving the right people to ensure the best decisions are made in a timely manner
  • Ability to analyze complex information and identify the most relevant details
  • Being flexible and able to adjust to new needs and new technologies, and to be comfortable with ambiguity
  • Strong sense of personal accountability and ability to drive results
  • Current certifications in CISSP, CISM, CISA, CRISC, CGEIT, COBIT, or PCI highly preferred
  • Bachelor’s Degree in Computer Science or Engineering preferred
 

 

American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other status protected by law.

 
US Candidates/Employees: Click here to view the 
"EEO is the Law" poster and supplement and the Pay Transparency Policy Statement.

 

If the links do not work, please copy and paste the following URLs in a new browser window: 

http://www.dol.gov/ofccp/regs/compliance/posters/ofccpost.htm and 

http://www.dol.gov/ofccp/pdf/EO13665_PrescribedNondiscriminationPostingLanguage_JRFQA508c.pdf

 

Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.

Why American Express?

There’s a difference between having a job and making a difference.

American Express has been making a difference in people’s lives for over 160 years,

backing them in moments big and small, granting access, tools, and resources to take

on their biggest challenges and reap the greatest rewards.

We’ve also made a difference in the lives of our people, providing a culture of learning

and collaboration, and helping them with what they need to succeed and thrive. We

have their backs as they grow their skills, conquer new challenges, or even take time to

spend with their family or community. And when they’re ready to take on a new career

path, we’re right there with them, giving them the guidance and momentum into the

best future they envision.

Because we believe that the best way to back our customers is to back our people.

The powerful backing of American Express.

Don’t make a difference without it.

Don’t live life without it.


 


ReqID: 18016087
Schedule (Full-Time/Part-Time): Full-time
Date Posted: Dec 4, 2018, 3:23:26 PM
Apply Get Referred