Why American Express?
There’s a difference between having a job and making a difference.
American Express has been making a difference in people’s lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards.
We’ve also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they’re ready to take on a new career path, we’re right there with them, giving them the guidance and momentum into the best future they envision.
Because we believe that the best way to back our customers is to back our people.
The powerful backing of American Express.
Don’t make a difference without it.
Don’t live life without it.
Senior Information Security Analyst – Product Assessments
Product Assessments aids in protecting enterprise value by providing timely and reliable technology risk guidance and assessments to influence critical business and technology decisions. Our mission is to regularly and accurately assess, measure, catalog, and communicate technology risk.
- Conduct end to end security and technology assessments of business products. Requires expert knowledge in Information Security practices, tools, and processes
- Building and maintaining excellent relationships across Technology, Operational Risk, General Counsel’s Office (GCO), Global Banking and business teams, working closely with senior leaders and their representatives to ensure appropriate risk management, while maintaining client support
- Work with technology and business partners across business functions/processes to ensure alignment, understanding and ongoing communication on security controls and information security risk management
- Provide guidance on information security processes, controls, and compliance, and information security risk management to key stakeholders
- Partner with the company’s Operational Risk Group on framework enhancement initiatives
- Facilitate improving solutions by working with all levels across Technology to determine security technology solutions that align with business strategies, IT strategic directions and compliance objectives
- Document current and desired future state capabilities, incorporating industry leading technologies that enhance AXP's ability to manage technology risk and protect data
- Create reports and other materials to assist in monitoring the program effectiveness
- Provide guidance on IT and information security standardized metrics and criteria
Required Experience & Skills:
- 8+ years of relevant professional work experience in Information Security and Technology Risk Management
- Business facing application development experience, desired but not required
- Deep knowledge of application and infrastructure security best practices
- Ability to set priorities, resolve issues, provide guidance, and secure engagement and commitment from teams
- Proven collaboration skills along with the ability to influence without authority
- Strong interpersonal, leadership and change management skills, as well as solid presentation communication skills (written, graphical, quantitative and verbal)
- Exceptional ability to engage, educate, influence and collaborate across the enterprise
- Strong sense of personal accountability and ability to drive results
- Bachelor’s Degree in Computer Science or Engineering preferred
- CISM or CISSP certifications preferred, not required
Schedule (Full-Time/Part-Time): Full-time
Date Posted: Feb 13, 2020, 12:37:02 PM