“You Lead the Way. We’ve Got Your Back.
At American Express, we know that with the right backing, people and businesses have the power to progress in incredible ways. Whether we’re supporting our customers’ financial confidence to move ahead, taking commerce to new heights, or encouraging people to explore the world, our colleagues are constantly redefining what’s possible - and we’re proud to back each other every step of the way. When you join #TeamAmex, you become part of a diverse community of over 60,000 colleagues, all with a common goal to deliver an exceptional customer experience every day.”
This is an exciting opportunity to demonstrate knowledge gained and apply it in a dynamic, high-performing IT Risk & Information Security team. Responsible for assisting with activities designed to systematically run information security, such as security investigations, intelligence, assurance, and/or other project oversight, including developing standard methodologies for information security standards and handling IT controls and compliance with regulatory guidance.
Security Incident Response/Threat Intelligence
- Act as the front line of defense at American Express protecting the brand, employees, assets and card members across the globe against threats 24/7/365
- Minimize risk of cyber-attacks and focus on detection and response of threats
- Monitor, detect, and respond to security events and incidents that affect AXP globally
Infrastructure, Application, and Network Security
- Drive risk reduction through the rapid identification and remediation of vulnerabilities across the enterprise
- Deliver secure network solutions that enable secure operations and highly available products and services for our customers
- Safeguard AXP data, customers, and brand through continuous monitoring and testing of production application environments
Data Loss Prevention
- Protect our customers, partners, and colleagues from the loss of sensitive information through normal business processes and/or malicious actors
- Monitor and block sensitive data loss where legally permissible
Identity and Access Management/Authentication
- Deliver centralized Enterprise Identity and Access Management products
- Provide authentication, authorization, and full lifecycle management capabilities
- Reduce, manage, and monitor risk associated with identity and access to AXP resources
- Protect all forms of sensitive information, on all platforms, resulting in protection of the Brand and information assets, and regulatory compliance
- Deliver cryptographic and key management solutions, and manage and operate secure cryptographic platforms
- Drive continuous enhancement to data protection
Governance, Risk, Compliance
- Bridge traditional boundaries between cyber and IT risk and expanding partnerships with IT and the business to drive risk reduction in the enterprise
- Innovate Risk Management through enhancements in tooling and automation of processes; expand the capabilities of technology risk management
- Extend risk management and control expertise beyond the information security domains into IT development organizations and the business
Our Information Security Analysts are equipped to prepare, prevent, detect, respond and recover cyber security events. Beyond analysis, they provide insight, direction, and leadership that makes American Express one of the most respected companies in the world.
Key Responsibilities and Example Tasks
- Assists in developing, implementing and monitoring compliance to AXP and Information security policies, standards and procedures, and other policies and standards as appropriate
- Prepares materials (reports, presentations, spreadsheets, etc) on information security to help develop scenarios, response procedures, and to enable informed decision-making; verify completeness, accuracy and relevance of data gathered
- Utilizes tools and documented processes to ensure consistency and optimization of information security processes; work in support of efforts to measure and improve information security processes
- Maintains internal documentation library, ensuring that process and other documentation is regularly updated to reflect the latest operational processes and requirements
- Provides analytical support as needed for issue management, project assessments, and reporting
- Participates in the evaluation of products and/or procedures to improve productivity and effectiveness
- Supports the analysis of underlying trends and action plans associated with information security and other domains
- Test Security tool implementations, and assist enterprise customers in adoption of security
- Education in Cyber Security or similar academic training
- Strong work prioritization, planning, and interpersonal skills
- Knowledge or awareness in information security, compliance, assurance, and/or other security standard methodologies and principles
- Familiarity with security data analysis using analytic tools such as Excel, SQL, other query languages
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, age, or any other status protected by law.