American Express Careers

Information Security Specialist

Phoenix, Arizona; Salt Lake City, Utah; New York, New York
Digital Commerce Technology

Apply Get Referred

Job Description

The position, located in Phoenix, is part of the Global Risk, Banking & Compliance organization and reports to the Director, Information Security and Information Technology Risk Oversight. Strong information technology and information security programs are key contributors to loyalty, trust, customer experience, and the American Express brand. Properly assessing, managing, and overseeing global information technology and information security risk is critical to the Company’s business.
The successful candidate will have deep information security and information technology expertise, including industry knowledge and awareness of emerging technologies which impact cyber security. The position requires a demonstrated ability to manage information security and information technology risk, and is a team player who is comfortable working across a range of functions including compliance, legal, operational excellence, privacy, risk oversight, and many other partners to promote best information security throughout the enterprise.
The successful candidate will also have demonstrated the ability to assess information security and information technology risk and can provide strong subject matter expertise on current controls and processes.  The role will work to improve risk management and control strength by providing independent assessment of, and effective challenge to, key components of the information security and information technology program through process evaluation, reviews and ongoing monitoring.
  1. Conduct independent risk assessment of the information security and information technology programs and provide effective challenge to the design and execution of technical and procedural controls.
  2. Provide strong subject matter expertise in the areas of threat intelligence, production and integration into security operations, threat and vulnerability management and other technical domains as required.
  3. Provide periodic updates, reports, and recommendations regarding best practice information security and information technology controls, risk assessment and risk remediation strategies
  4. Actively evaluate and monitor information security and information technology controls.
  5. Contribute to the annual risk assessment and benchmark and coordinate risk-based investigations of controls.
  6. Conduct industry benchmarking, regulatory requirement gathering and peer-based analysis of available controls, risk assessment methodologies and risk mitigation practices to assess for coverage gaps.
  7. Support the development of information security and information technology metrics (e.g. KRIs and KPIs) to continuously monitor and oversee program level risks.



  1. Minimum three years of operational experience in one of the following technical domains:  Incident management and response, security incident & event management, threat intelligence, .
  2. Demonstrated knowledge and experience in the cyber threat intelligence lifecycle, security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc..
  3. Risk assessment experience is preferred, particularly in a financial services or highly regulated environment
  4. Strong verbal and written communication skills and excellent relationship building skills
  5. Bachelor's degree in Computer Science, Information Systems, Business Administration or other related field (or equivalent work experience).  Advanced degree preferred.
  6. Technical certification is preferred (e.g. GCIH, GCFE, CISSP etc.)
  7. Working knowledge of framework standards for IS & IT (OWASP, NIST, MITRE, etc.) preferred
  8. Strong attention to detail

Why American Express?

There’s a difference between having a job and making a difference.


American Express has been making a difference in people’s lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards.


We’ve also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they’re ready to take on a new career path, we’re right there with them, giving them the guidance and momentum into the best future they envision.


Because we believe that the best way to back our customers is to back our people.


The powerful backing of American Express.

Don’t make a difference without it.

Don’t live life without it.


Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.

ReqID: 19011826
Schedule (Full-Time/Part-Time): Full-time
Date Posted: Jul 15, 2019, 5:50:47 PM
Apply Get Referred