Information Security Analyst (HYBRID)

You Lead the Way. We've Got Your Back.

With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities and each other. Here, you'll learn and grow as we help you create a career journey that's unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally.

At American Express, you'll be recognized for your contributions, leadership, and impact-every colleague has the opportunity to share in the company's success. Together, we'll win as a team, striving to uphold our company values and powerful backing promise to provide the world's best customer experience every day. And we'll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong.

Join Team Amex and let's lead the way together.

As part of our diverse tech team, you can architect, code and ship software that makes us an essential part of our customers' digital lives. Here, you can work alongside talented engineers in an open, supportive, inclusive environment where your voice is valued, and you make your own decisions on what tech to use to solve challenging problems. Amex offers a range of opportunities to work with the latest technologies and encourages you to back the broader engineering community through open source. And because we understand the importance of keeping your skills fresh and relevant, we give you dedicated time to invest in your professional development. Find your place in technology on #TeamAmex.

It's more than protecting information, it's protecting people.

Information Security Analysts know security is a top priority for our business, our partners, and customers. As cyber-attacks increase and compliance is rigorously implemented, they strive to stay ahead of what's next to protect our brand and future. The IT Risk Assessment - Operational Risk Event Management Team has the responsibility for being responsible for the issue management function across all American Express Technology functions. The team provides end-to-end resolution, oversight and governance for all Operational Risk Events (ORE) and Corrective Action Plans (CAP) including strengthening the control environment while enabling growth and ensuring flawless customer experiences.

You won't just see the problem, you'll drive the solution

Every day you will be asked to:

• Perform hands-on issue resolution management, guidance, and monitoring of various Capabilities to ensure ORE and Corrective Action guidelines and landmarks are met timely, and align with governance and compliance mandates.
• Collaborate with key partners on operational risk processes for Technology, such as loss event and compliance corrective action management issues and ownership of events.
• Manage and facilitate ownership issues and challenging conversations, present in customer concern risk and Bank forums.
• Facilitate and Lead Technology Ops Excellence risk and governance forums
• Support Technology partners to ensure that effective Issue resolution (via Loss Event and Corrective Action management) is implemented
• Build and maintain excellent relationships across Technology and Business Unit Operational Excellence teams
• Work closely with senior leaders and their representatives to ensure appropriate risk management, mitigation and/or elimination
• Ensure deliverables and landmarks satisfy objectives and the expectations of a variety of partners, including the CIO, CISO and other senior leaders within Technology and other internal and external partners
• Partner with key technology leads to implement process improvements and controls across AET
• Perform thematic root-cause analysis on recurring technology caused events to identify unmitigated risks and areas for control enhancements
• Lead process redesign efforts to ensure thorough and timely documentation and analysis of OREs and CAPS which includes the identification of relevant risks and implementation of mitigating controls

Do you have the determination to lead the way in cyber security?

• Bachelor's or Master's Degree in related field preferred.
• CISA, CISM, or CRISC preferred.
• 5-7 years of risk management, controls analysis, and/or issue management/remediation experience required, 10+ years of experience preferred.
• Requires deep understanding of compliance, risk management and internal IT control frameworks
• Experience with the development and/or assessment of IT General Controls
• Exceptional ability to engage, educate, influence and collaborate across the enterprise
• Experience performing thematic root cause analysis on recurring technology caused events to identify recommendations to enhance control environment
• Experience in assessing technology risks and responding through development of controls
• Experience working with audit, compliance, operational risk, regulatory, and/or control functions
• Strong ability to synthesize large amounts of data into short key messages and identify and analyze related trends
• Proven ability to adjust quickly to shifting priorities, multiple demands, ambiguity and rapid change
• Strong interpersonal and collaboration skills / ability to develop relationships with peers in business unit and central operational risk management group

REQ#23001327

Salary Range: $85,000.00 to $150,000.00 annually + bonus + benefits

The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we'll consider your location, experience, and other job-related factors.

American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.

We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.

US Job Seekers/Employees - Click here to view the "Know Your Rights" poster and supplement and the Pay Transparency Policy Statement.

If the links do not work, please copy and paste the following URLs in a new browser window: https://www.dol.gov/agencies/ofccp/posters to access the three posters.

Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.