American Express Careers
Information Security Manager - Third Party Risk – Application Security (Web & Mobile)
- Support execution of technical evaluation of web and mobile applications for in-scope third parties.
- Assist with evaluation of tools / technologies to support monitoring capabilities.
- Perform on-going tracking and monitoring of progress, and assist in management reporting on a periodic basis.
- 10 years’ experience in Information Security and/or Third Party Management
- Demonstrated expertise in Application Security and Third Party Risk, specifically web and mobile application security, configurations, vulnerability, change management, SDLC.
- Knowledge of Agile, Waterfall, or Scrum
- Demonstrable experience in solving challenging technical problems in the following areas:
- Single Page web application development and Modern web development
- Unix/Linux environment management
- Software security
- Cloud based continuous delivery and environment management
- Large, distributed system development
- Processing and analyzing large data sets
- A broad understanding of the terminology, core principles, IT controls and best practices across key risk domains, including: risk assessment methodology, identity and access management, network and infrastructure security, application security, data loss prevention, and incident management
- Self-motivated team player with the ability to handle multiple work streams and support various team member collaborative projects to completion.
- Proven excellent relationship management skills with all levels of the enterprise are required
- Ability to effectively collaborate across teams
- Ability to quickly come up to speed in any area, sufficient to speak with an informed opinion and create a credible impression with stakeholders
- Ability to identify gaps between one’s skillset and the needs of the team.
- Effectively seeking and utilizing feedback from leaders and mentors to address skill gaps
- Ability to clearly present options and make compelling recommendations, using persuasion to gain agreement or pitch an idea
- Involving the right people to ensure the best decisions are made in a timely manner
- Ability to analyze complex information and identify the most relevant details.
- Being flexible and able to adjust to new needs and new technologies, and to be comfortable with ambiguity
- Strong sense of personal accountability and ability to drive results
- Current certifications in CISSP, CISM, CISA, CRISC, CGEIT, COBIT, or PCI highly preferred
- Bachelor’s Degree in Computer Science or Engineering preferred
Schedule (Full-Time/Part-Time): Full-time
Date Posted: May 29, 2019, 7:30:22 AM