American Express Careers
Manager, Information Security Oversight
- Function as the Manager, Information Security Oversight, Global Risk, Banking and Compliance, to ensure compliance with American Express Information Security, Information Technology, & Management Policies, Financial Institution Letters, and other guidance, regulation, and law governing financial institutions for IT Risk & Information Security
- Creating monthly reports for Senior leadership within the Bank and presenting the same to relevant Bank committees
- Work closely with Business, Operational Risk, Compliance, Technologies and other teams as appropriate to review and approve new product launches from an Information Security perspective and highlight risks and appropriate mitigation measures as applicable
- Create applicable regulatory reports and submit to internal teams as well as regulators as appropriate
- Collaborate with the Information Security oversight team to align the Bank’s information security program with the global framework and best practices
- Perform Annual IT/IS Risk Assessment and present the results to the Audit and Compliance Committee of the Board
- Serve as a member of the IT Steering Committee and present current/emerging cyber threat trends and the Bank’s readiness to deal with them on a periodic basis
- Ensure compliance, within the area of responsibility, with all banking rules for federal, state, local, and country-specific guidelines and regulations, and with past auditing results.
- Provide periodic updates, reports, and recommendations to the Leadership and Boards of Directors on various Information Security/Technology related topics
- Responsible and accountable for the IT Risk & Information Security requirements of the international Banks
- Responsible for developing, establishing, monitoring, reviewing, and improving the strategies, processes, and procedures within the scope of this job description.
- Identify, articulate, initiate, and monitor progress of actionable and measurable goals/KRIs/KPIs to be accomplished. Lead interaction with regulators on matters related to the incumbent’s area of responsibility
- Ensure all Leadership functions outlined and/or required by American Express are properly and effectively conducted and displayed. Possess and execute outstanding ability to evaluate and influence others (direct reports, peers, managers, affiliates, business partners, etc.) to achieve complex objectives against tight deadlines.
- Responsible for staying knowledgeable of Regulatory and legislative changes pertaining to banking and credit card practices that may impact American Express, and/or the incumbent’s area of responsibility.
- Conform with, and abide by all regulations, policies, work procedures, and instructions
- Required: self-starter who can work with minimal supervision and across multiple time zones and various times of day
- Demonstrate appropriate technical skills and abilities in line with job responsibilities (such as emerging technology and associated IT & Information Security Risk)
- Develop staff members’ training, education, and expertise within their respective responsibility, as applicable. Establish and maintain communication channels with affiliate service providers. Provide oversight of key bank vendors and service level agreements related to the area of responsibility.
- Complete required annual training commensurate with duties.
- Demonstrate good verbal and written communication skills, and perform other duties as assigned
- Knowledge of OSFI Cyber Security regulations related to IT and IS
- 5+ years full-time Information Security experience
- 10+ years working knowledge of key IT & Application Risk Management functions
- Strong background in overall Risk Management security discipline
- Strategic thinker who is able to combine technical skills with overall business strategy to creatively solve complex problems
- Ability to collaborate with cross functional teams across geographies in various time zones
- Proven Technology Operations Management experience
- Experience in leading teams of employees, contractors and vendor partners
- Strong presentation skills
- Strong communication skills (written and verbal)
- Experience working with and communicating to senior leaders
- Ability to analyze high level requirements, identify and evaluate alternatives, develop recommendations, gain leadership alignment and implement changes
- Ability to manage multiple projects simultaneously with minimal guidance and direction
- Willingness to challenge traditional thinking by actively engaging in constructive dialogue
- Ability to make sound decisions under pressure
- Ability to support/manage multiple projects with changing priorities
- Educational requirement: Preferred background in Computer Science or Information Systems
- Preferred Additional: Certifications: CISSP, CISM, CISA
- Bachelor’s Degree in related field
- Industry certifications (e.g. CISM, CISA, CISSP)
- Strong knowledge of PCI DSS
- Knowledge of IT & IS regulations in Canada
Schedule (Full-Time/Part-Time): Full-time
Date Posted: Oct 31, 2018, 3:33:46 PM