Information Security Analyst-Vulnerability Management

Get Referred

Job Description

Why American Express?


There’s a difference between having a job and making a difference.


American Express has been making a difference in people’s lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards.


We’ve also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they’re ready to take on a new career path, we’re right there with them, giving them the guidance and momentum into the best future they envision.


Because we believe that the best way to back our customers is to back our people.


The powerful backing of American Express.

Don’t make a difference without it.

Don’t live life without it.


The Endpoint Vulnerability Management team protects the enterprise by providing timely and reliable technology to assess and assist with remediation of vulnerabilities and configuration errors that could introduce risk to the environment. The ideal candidate for this role will have experience in IT security, vulnerability management and remediation, excellent communication skills, and the ability to think critically and analyze data to contribute to the success of the program. 


Key responsibilities include:

  • Documentation across multiple levels (i.e. program, technical, instructional, reporting and metrics)
  • Conduct vulnerability scanning and be able to interpret the results.
  • Partnering with Digital Workplace teams to drive vulnerability remediation.
  • Maturing the program by implementing new products, processes, procedures, or otherwise expanding the scope of the vulnerability management program.
  • Troubleshooting and investigating issues as they arise.
  • Prioritize remediation to minimize potential for impact.
  • Analyze vulnerability impact to the environment and evaluate compensating controls.
  • Act as a technical subject matter expert on Infrastructure Security principles
  • Support the rest of the Endpoint Security team and consult on areas that overlap vulnerability management (i.e. Patch, Mobile, IoT, etc).

Minimum Qualifications

  • Required Work Experience, Education, Certification / Training:
  • At least 3 years of work experience in Information Security, Technology, or Vulnerability Management
  • Experience with enterprise vulnerability management software a plus
  • Experience with: project management, change management, incident management, and service continuity/availability
  • Experience in data analysis, metrics, and reporting.
  • Understanding of risk management and audit (risk policies, procedures and controls)
  • System Administrator background experienced with security technologies a plus
  • Excellent written and oral communication skills
  • Highly self-motivated and directed
  • Keen attention to detail
  • Bachelor’s degree in information security, information systems, computer science or related fields preferred
  • Professional certifications a plus (CISSP, CISA, CISM, PMP or equivalent)
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions. 


ReqID: 20004452
Schedule (Full-Time/Part-Time): Full-time
Date Posted: Mar 19, 2020, 4:01:29 PM