Why American Express?
There’s a difference between having a job and making a difference.
American Express has been making a difference in people’s lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards.
We’ve also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they’re ready to take on a new career path, we’re right there with them, giving them the guidance and momentum into the best future they envision.
Because we believe that the best way to back our customers is to back our people.
The powerful backing of American Express.
Don’t make a difference without it.
Don’t live life without it.
It’s more than protecting systems and data.
Our Information Security Analysts know that security is a top priority for our business and our partners and customers. Today, as cyber-attacks increase and compliance is more rigorously enforced, we look to them to stay ahead of what’s next and to protect our business and our future. So if you are dedicated to the latest technology and motivating others, secure your career here.
This role will be responsible for supporting the Application Security organization, including performing threat assessments on runtime web applications. The ideal candidate should have experience in detecting application security vulnerabilities and can intelligently speak to the technical details of the threats.
You won’t just see the problem coming, you’ll see the solution.
New threats to our business, our partners and customers appear on the horizon every day, so no two days are the same. But there are some things you can count on doing:
- Providing guidance on information security processes, controls, and compliance, and information security risk management to team members
- Encouraging employee contribution, such as feedback, career development planning, and goal setting.
- Developing plans and strategies for information security tools, processes, and programs
- Responding to changes in the regulatory environment and assisting other organizations in doing the same.
- Making strategic recommendations to enhance information security, including processes, procedures, governance approaches, and compliance.
Do you have what it takes to lead the way in cyber security?
- 1-3+ years of experience in application penetration testing, red team, or Security Operations Center (SOC) analyst, preferably as a mid or senior resource.
- Good knowledge of OWASP Top 10 and the ability to articulate web security risks and determine threat level.
- Knowledge of dynamic web application scanners is a plus, including (but not limited to) OWASP Zed Attack Proxy, Kali Linux, Metasploit, BURP Suite, HP WebInspect, Qualys, or WhiteHat.
- Demonstrated time management skills and strong work ethic, attention to detail, and problem-solving skills.
- Possession of industry standard certification such as OSCP, CISSP, CEH, GMOB, GWAPT, GPEN and/or other relevant penetration testing related certifications is a plus.
- BS degree in Computer Science, similar technical field of study, or equivalent practical experience.
- Ability to effectively collaborate with others in English.
- Information Security, Security Testing, and/or Risk Analysis Experience
At the core of Information Security Management.
Every member of our team must be able to demonstrate the following technical, functional, leadership and business core competencies, including:
- Agile Practices
- Emerging Technologies
- Business Process Improvement
- Business Risk Management
- Analytical Thinking
- Coaching and Mentoring
- Business Case Development
- Industry and Company Knowledge
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.
Schedule (Full-Time/Part-Time): Full-time
Date Posted: Jan 13, 2020, 9:58:53 PM