American Express Careers

Information Security Analyst - Metrics and Reporting

Bangalore, India
Digital Commerce Technology

Apply Get Referred

Job Description

Information Security Analyst – Metrics and Reporting

Reporting to the Director of IT and Security Risk Advisory, the Information Security Manager – Metrics and Reporting, is responsible for collecting metric relevant data points, analyzing data for accuracy and consistency, consolidating metrics into executive level presentations, escalating risk related to metrics that do not align with expectations, and following up on inquiries from senior management.
Responsibilities Include:
Periodic Executive Reporting - Perform executive reporting function for IT Risk Management and Services by facilitating end-to-end monthly Business Unit reporting cycles through director / VP review meetings, and coordination with various senior level stakeholders.  Prepare materials for VP presentations to proactively manage executive questions.  
  • Coordinate and consolidate information from multiple organizations, evaluating incoming information for completeness, and accuracy, while noting items for escalation.
  • Analyze and communicate monthly control ratings results for Operational Risk metrics, Audit and Compliance by gathering metric result detail from multiple contacts and reporting platforms and performing analysis against relevant metric thresholds.
  • Drive metrics communications as subject matter expert and develop monthly focus areas/deep dives highlights based on critical risks to the Technology organization.
Control Rating Awareness and Analysis – Perform analysis and awareness function for Technology BU.
  • Act as subject matter expert for Technology BU for topics related to the yearly Business Unit Control Ratings
  • Communicate news and results to leadership in monthly executive reporting and during each interim reporting cycle
  • Perform and communicate predictive analysis of control rating posture against multiple scenarios
Operational Risk Reporting Program Management
  • Drive reporting excellence and innovation through building and leveraging relationships, communicating effectively, and driving results while managing tight deadlines.
  • Ability to manage competing priorities and focus on key critical areas


Skill Requirements:
  • 3+ years IT Risk Management experience
  • 3+ years executive level reporting experience
  • In-depth knowledge of operational risk management frameworks, information security and technology risk metrics
 Preferred Attributes:
  • Proficient in PowerPoint and Excel and a variety of reporting tools
  • Strong analytical skills
  • Relevant professional/industry certifications (CRISC, CISM, CISSP, etc.)

ReqID: 19008064
Schedule (Full-Time/Part-Time): Full-time
Date Posted: May 29, 2019, 7:53:18 AM
Apply Get Referred