American Express Careers

Incident Response Manager

Phoenix, Arizona
Digital Commerce Technology

Apply Get Referred

Job Description

Why American Express?
There’s a difference between having a job and making a difference.
American Express has been making a difference in people’s lives for over 160 years,
backing them in moments big and small, granting access, tools, and resources to take
on their biggest challenges and reap the greatest rewards.
We’ve also made a difference in the lives of our people, providing a culture of learning
and collaboration, and helping them with what they need to succeed and thrive. We
have their backs as they grow their skills, conquer new challenges, or even take time to
spend with their family or community. And when they’re ready to take on a new career
path, we’re right there with them, giving them the guidance and momentum into the
best future they envision.
Because we believe that the best way to back our customers is to back our people.
The powerful backing of American Express.
Don’t make a difference without it.
Don’t live life without it
External Posting Description:
This global American Express (AMEX) position is primarily responsible for managing the end to end Data Security Incident Response lifecycle (i.e. incident Intake, Containment, Investigation, Notification and Closure). These Data Security incidents can be potential/confirmed, internal or external data compromises/breaches impacting AMEX sensitive data. Incidents are assigned to the Incident Response Manager  on a rotation basis and the Incident Response Manager  is then responsible for managing both the technical and operational aspects of their own portfolio of incidents throughout the lifecycle.
As part of managing the incident lifecycle, the Incident Response Manager  is also responsible for collaboration and relationship management of key internal stakeholders (i.e. AMEX Legal, Global Privacy, Global Security, Market Compliance, Fraud & Risk) along with other internal information security groups. Relationship management is also required with external entities such as AMEX Merchants and Third Parties as well as industry PCI Forensic Investigation (PFI) companies.  


The successful candidate should possess strong knowledge and demonstrated experience in analyzing large amounts of information (structured and unstructured) across a diverse set of information sources both internal and external, to manage a data compromise.
Additional skills preferred for this position include:
  • Ability to deal with ambiguity and complexity to achieve key objectives
  • Experience translating complex concepts and data into understandable and actionable terms
  • Experience with developing and/or working with technical data and other information from multiple sources incl. external third parties
  • Highly developed communication and relationship management skills
  • Excellent time management skills; ability to prioritize and multi-task
  • Should have strong knowledge or working experience in Information Security, Data Privacy, Compliance, Operational Excellence and/or other similar domains both domestic and international
  • Knowledge of related industry frameworks, standards, and best practices (i.e. NIST, PCI, ISO, COBIT, CMMI)
  • Professional certification preferred (e.g. CISA, CISSP, CISM, CPCB, etc.
  • Typically holds a Bachelor’s degree in Computer Science, Information Systems, or Business Administration

Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.

ReqID: 19008659
Schedule (Full-Time/Part-Time): Full-time
Date Posted: May 10, 2019, 4:07:37 PM
Apply Get Referred