American Express Careers

Mgr/Sr Mgr - Commercial Privacy

New York, New York
Operations Risk Management

Apply Get Referred

Job Description

American Express is a global service company, providing customers with exceptional access to products and experiences that enrich lives and build business success. Each day, we make it easier, safer, and more rewarding for consumers and businesses to purchase the things they need and for merchants to sell their goods and services, enabling them to do and achieve more. We’re committed to becoming the world’s most respected service brand and daily deliver extraordinary service to our customers, constantly reinventing our ways of working to ensure we offer rich rewards that redefine expectations for our clients and ourselves.


Privacy is a key contributor to loyalty, customer experience, and the American Express brand. Properly assessing, managing, and overseeing global privacy risk is critical to the company’s business.

Job Description:

This Manager is part of American Express’ Privacy and Information Oversight team within Global Risk, Banking, and Compliance (GRBC) and will report to the Director, Institutional Privacy. The position is based in New York and is a second line risk oversight function. This Manager will translate legal, policy, technology, and digital requirements, as well as business objectives into processes and capabilities to position privacy as a competitive advantage that drives business growth and customer loyalty.


Key Responsibilities

  • Provide privacy subject matter expertise.
  • Provide risk management and strategic advice.
  • Support the ongoing development of American Express’ global privacy program.
  • Ensure adherence to the enterprise privacy risk appetite.
  • Project management.
  • Foster a culture of privacy at American Express by advocating for privacy-by-design, integration of the American Express Data Protection & Privacy Principles, accountability, and sharing of best practices. 


  • Experience supporting business clients in a highly regulated environment.
  • Familiarity with American Express’ closed loop model and the card payments industry.
  • Knowledge of operational risk concepts and requirements with an emphasis on privacy.
  • Knowledge of US (GLBA/Reg P, CAN-SPAM, TCPA, FCRA/FACTA) and global Privacy related laws, regulations, and best practices.
  • Experience in designing and implementing privacy related controls.
  • Strong analytical capabilities.
  • Strong presentation skills, particularly in the development of professional and thoughtful materials.
  • Highly organized and strong written and verbal communication skills.
               Preferred Additional:    
    • J.D. and/or CIPP certified.
    • Prior work in privacy compliance, audit and/or risk management experience in a financial services, digital, or technology company preferred but not required.
    • Knowledge of Internet and digital technologies (e.g., alternative payments, mobile apps, online advertising, tracking technologies, social media, and large data sets, with a focus on personal data flows).

American Express is an equal opportunity employer.

Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.

Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.

ReqID: 19008697
Schedule (Full-Time/Part-Time): Full-time
Date Posted: May 15, 2019, 3:24:01 PM
Apply Get Referred