Information Security Specialist

Get Referred

Job Description

Why American Express?

There’s a difference between having a job and making a difference.

American Express has been making a difference in people’s lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards.

We’ve also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they’re ready to take on a new career path, we’re right there with them, giving them the guidance and momentum into the best future they envision.

Because we believe that the best way to back our customers is to back our people.

The powerful backing of American Express.

Don’t make a difference without it.

Don’t live life without it.

This is an exciting opportunity to demonstrate knowledge gained and apply it in a dynamic, high-performing IT Risk & Information Security team. Responsible for assisting with activities designed to systematically run information security, such as security investigations, intelligence, assurance, and/or other project oversight, including developing standard methodologies for information security standards and handling IT controls and compliance with regulatory guidance. 


Security Incident Response/Threat Intelligence 

  • Act as the front line of defense at American Express protecting the brand, employees, assets and card members across the globe against threats 24/7/365
  • Minimize risk of cyber attacks and focus on detection and response of threats
  • Monitor, detect, and respond to security events and incidents that affect AXP globally 

Infrastructure, Application, and Network Security 

  • Drive risk reduction through the rapid identification and remediation of vulnerabilities across the enterprise
  • Deliver secure network solutions that enable secure operations and highly available products and services for our customers
  • Safeguard AXP data, customers, and brand through continuous monitoring and testing of production application environments 
Data Loss Prevention 
  • Protect our customers, partners, and colleagues from the loss of sensitive information through normal business processes and/or malicious actors
  • Monitor and block sensitive data loss where legally permissible 

Identity and Access Management/Authentication 

  • Deliver centralized Enterprise Identity and Access Management products
  • Provide authentication, authorization, and full lifecycle management capabilities
  • Reduce, manage, and monitor risk associated with identity and access to AXP resources 

Cryptography/Encryption Services 

  • Protect all forms of sensitive information, on all platforms, resulting in protection of the Brand and information assets, and regulatory compliance
  • Deliver cryptographic and key management solutions, and manage and operate secure cryptographic platforms
  • Drive continuous enhancement to data protection 

Governance, Risk, Compliance 

  • Bridge traditional boundaries between cyber and IT risk and expanding partnerships with IT and the business to drive risk reduction in the enterprise
  • Innovate Risk Management through enhancements in tooling and automation of processes; expand the capabilities of technology risk management
  • Extend risk management and control expertise beyond the information security domains into IT development organizations and the business 

Our Information Security Analysts are equipped to prepare, prevent, detect, respond and recover cyber security events. Beyond analysis, they provide insight, direction, and leadership that makes American Express one of the most respected companies in the world. 

Key Responsibilities and Example Tasks  
  • Assists in developing, implementing and monitoring compliance to AXP and Information security policies, standards and procedures, and other policies and standards as appropriate
  • Prepares materials (reports, presentations, spreadsheets, etc) on information security to help develop scenarios, response procedures, and to enable informed decision-making; verify completeness, accuracy and relevance of data gathered
  • Utilizes tools and documented processes to ensure consistency and optimization of information security processes; work in support of efforts to measure and improve information security processes
  • Maintains internal documentation library, ensuring that process and other documentation is regularly updated to reflect the latest operational processes and requirements
  • Provides analytical support as needed for issue management, project assessments, and reporting
  • Participates in the evaluation of products and/or procedures to improve productivity and effectiveness
  • Supports the analysis of underlying trends and action plans associated with information security and other domains
  • Test Security tool implementations, and assist enterprise customers in adoption of security

Minimum Qualifications

  • Education in Cyber Security or similar academic training
  • Strong work prioritization, planning, and interpersonal skills
  • Knowledge or awareness in information security, compliance, assurance, and/or other security standard methodologies and principles
  • Familiarity with security data analysis using analytic tools such as Excel, SQL, other query languages 
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions. 


ReqID: 19019562
Schedule (Full-Time/Part-Time): Full-time
Date Posted: Feb 14, 2020, 4:41:28 PM