Information Security Manager - Technology Risk Oversight & Governance Expert for American Express Global Operations

Join American Express as an Information Security Manager: Safeguarding Global Financial Operations

American Express, a leader in the financial services industry, is seeking an experienced Information Security Manager to join its Worldwide Governance, Risk, and Compliance (GRC) team. As a key member of the second-line technology risk oversight crew, you will play a crucial role in ensuring the company's operations are risk-free and compliant with regulatory expectations. This is an exceptional opportunity to work with a diverse team of professionals who are passionate about building a robust technology risk management program.

About the Role

The Information Security Manager will be responsible for independently assessing and reporting risks, providing a comprehensive view of overall risks to Senior Management, Risk Management Panels, the Board, and Regulators. You will collaborate with key stakeholders across lines of business and lines of defense to ensure that risks are managed effectively and efficiently in accordance with company policies and regulatory requirements.

Key Responsibilities

• Conduct autonomous, proactive risk management and oversight of technology, cybersecurity, and business continuity management risks generated within business processes or resulting from the use of Technology.
• Perform data-driven audits focused on technology processes, cybersecurity controls, and business continuity management risks.
• Lead exploratory data analysis on large datasets using SQL, Python, and Excel to develop meaningful insights on cybersecurity and technology-related data.
• Develop and enhance data-driven key risk indicators and key performance indicators that provide real-time insights into risk and performance trends.
• Learn technology, cybersecurity, and business continuity management processes at American Express, demonstrating a strong interest and willingness to present an effective challenge.
• Stay up-to-date with relevant laws, regulations, and industry standards.
• Support the design of an independent technology risk oversight program that defines the engagement and integration with other risk management programs.

Essential Qualifications

To be successful in this role, you will need:

• A Bachelor's degree in a relevant field, such as Computer Science or Information Systems.
• 5+ years of experience in risk management across any of the three lines of defense.
• Demonstrated ability to identify risks, analyze issues, and derive meaningful insights about risk trends by conducting interviews and analyzing large volumes of data.
• Strong knowledge of IT frameworks, cloud security, cyber intelligence, and cyber incident response areas.
• Excellent analytical skills with high attention to detail and accuracy.
• Strong knowledge of at least one data mining/big data analytical tool (e.g., Microsoft Excel: Pivot Tables, SQL, SAS, Python, R).
• Brilliant critical thinking and problem-solving skills.
• Required self-starter who can work with minimal supervision.
• Phenomenal verbal, written, and interpersonal communication skills.
• Ability to challenge conventional thinking by engaging in constructive debate.

Preferred Qualifications

To stand out as a candidate, you will ideally have:

• Educational background in Software Engineering or Data Systems.
• Experience in risk management across cybersecurity, IT, third-party, and business continuity management.
• Industry certifications (e.g., CISM, CISA, CRISC, CISSP).
• Cloud security certifications (e.g., CCSK, CompTIA Cloud+, CCSP, Azure Security).
• Understanding of risk assessment methodologies, frameworks, and industry guidelines (e.g., COSO, COBIT, ISO 27001, FAIR, or NIST RMF).
• Knowledge of relevant policies and regulations (e.g., OCC Enhanced Principles, FFIEC IT booklets).
• Experience with Governance, Risk, and Compliance tools (e.g., Bowman).

Career Growth Opportunities and Learning Benefits

As an Information Security Manager at American Express, you will have the opportunity to develop your skills and expertise in a dynamic and challenging environment. You will be working with a talented team of professionals who are committed to staying ahead of the curve in terms of technology risk management. This role offers a unique chance to enhance your knowledge and experience in areas such as:

• Cybersecurity and technology risk management.
• Data analysis and insights.
• Risk assessment and mitigation.
• Compliance and regulatory requirements.
• Cloud security and IT frameworks.

Work Environment and Company Culture

American Express is committed to creating a diverse and inclusive work environment that fosters collaboration, innovation, and growth. As a remote worker, you will be part of a global team that values flexibility, work-life balance, and employee well-being. Our company culture is built on a foundation of respect, integrity, and excellence, and we are committed to providing our employees with the tools, resources, and support they need to succeed.

Compensation, Perks, and Benefits

American Express offers a competitive compensation package that includes a salary of $28 per hour. In addition to your salary, you will be eligible for a range of benefits, including:

• Comprehensive health insurance.
• Retirement savings plan.
• Paid time off and holidays.
• Opportunities for career growth and development.
• Access to cutting-edge technology and tools.
• A dynamic and supportive work environment.

Conclusion

If you are a motivated and experienced professional looking for a challenging and rewarding role, we encourage you to apply for this Information Security Manager position at American Express. As a key member of our GRC team, you will play a critical role in safeguarding our global financial operations and ensuring our continued success. With a competitive compensation package, opportunities for career growth, and a dynamic work environment, this is an opportunity you won't want to miss.

To apply, please visit our website and submit your application. We look forward to hearing from you!