Information Security Analyst I

Get Referred

Job Description

Why American Express
American Express is a global services company and the world’s largest card issuer. Our direct relationships with many millions of consumers, businesses and merchants worldwide - combined with our leading edge marketing, information management and rewards capabilities - enable us to offer an array of valuable services that enrich lives, build business success, encourage financial responsibility and create communities of people with common interests.

American Express for 9th consecutive year has been voted among India’s top 10 workplaces by the Great Place to Work institute. In recognition of our consistent performance, we were nominated to the Great Place to Work “Hall of Fame”.

At American Express, we serve customers, not transactions. We’re widely known for providing superior customer service and have been recognized for a number of achievements including being ranked highest in customer satisfaction within the credit card industry by J.D. Power for seven consecutive years.

A career at American Express is rich in experience and offers opportunities to build lasting relationships with our customers.

Come join us and realize your potential.

Function Description:
Global Services Group (GSG) brings together the company’s external and internal servicing functions, and includes the below world-class organizations:
• Global Servicing Network, which provides exceptional care to our external customers, and
• Global Business Services, which provides many of the vital internal services that make American Express run efficiently.

Under GSM (Global Supply Management) , TLM team is set up with primary objective to assess, monitor, and mitigate risks associated with the services offered by new and existing third-parties. The TLM Process Framework comprises pre-contract and post-contract phases.

Third Party Security Management (TSM) within TLM team, acts on behalf of the business to complete certain aspects of the due diligence required when information security risk (Amex data and systems) is involved in the delivery of the service by the Third Party.

The incumbent will be required to support TSM (Third-Party Security Management) processes which are executed and operated under TLM (Third-Party Lifecycle Management). TSM team is responsible for assessing global third-parties on their Information Security practices against Amex standards and derives risks to Amex data and systems. A brief job description for the same shall be:

Information Security Assessments/Compliance Activities:
- Contribute in the TSM team to help and prepare Information Security Assessments using Amex tools as per the defined procedures
- Assist the team in driving assessment activities (e.g., follow-ups, escalations, management reporting, etc.)
- Help the team in tracking overall assessments activities end-to-end (toll-gates, current status, IS critical assessments progress) against existing milestones and report on a regularly basis.
- Help in coordinating InfoSec gap remediation with stakeholders e.g. with BU relation managers , External Assessors, and third-parties, etc.

Project requirements:
- Contribute in understanding and improving Standard Operating Procedures/Policies for the TSM.
- Coordinate and help in drafting training materials as needed (e.g. TSM or TRM Trainings, etc.).
- Acting as a process champion (buddy) for new person onboarding e.g. training, access needs, etc.
- Schedule, execute and document critical meeting minutes for both internal and external stakeholders (e.g. Team meetings, Operation/Calibration calls with Assessors, gap remediation calls, etc.).
- Finding and driving process efficiencies, optimal usage of resources, contributing in automation, etc.


Work Experience:
- 5-6 years of overall experience (and 2-3 years in IT/InfoSec, Audits, Risk and Compliance preferably)
- Experienced professional at responsible positions, including exposure to work with global teams
- Background in IT Risk and compliance, Information Security, IT Security Operations, Third-Party Supplier Management, Risk Management, IT Audits, IT Automation and Analytics.

Skills and Behavior:
- Strong interpersonal skills as role involves dealing with multiple stakeholders in diversified geographies.
- Excellent communication skills (both written and verbal).
- Task oriented skills with accountability and acumen to look at the bigger picture.
- Flexibility and enthusiasm to take special projects and collaborate to drive success for the team.
- Attention to detail in reading and drafting procedures/reports.
- Ability to multi-task, challenge status quo, and problem-solving skills.

Qualifications and Professional Skills:
- Proficiency in Microsoft tools including Word, Excel, PowerPoint, Visio and SharePoint is a must.
- Prior experience in information security with a certification (desired but not mandatory)
- Bachelor’s degree in IT, Computer Science and related domain will be an added advantage

ReqID: 19020156
Schedule (Full-Time/Part-Time): Full-time
Date Posted: Nov 25, 2019, 12:15:44 PM