Job Responsibilities: Senior Information Security Manager
Salary: $20-30/Hour
Company: American Express
Location: Boston, USA
Educational Requirements: Bachelor's Degree
You Lead the manner. We’ve got Your back.
With the proper backing, people and businesses have the electricity to development in incredible ways. While you be a part of crew Amex, you grow to be part of a global and various community of colleagues with an unwavering dedication to returned our customers, communities and each different. Here, you’ll research and grow as we help you create a profession journey that’s particular and significant to you with advantages, packages, and versatility that assist you individually and professionally.
At American specific, you’ll be recognized on your contributions, leadership, and impact—each colleague has the opportunity to share in the agency’s success. Collectively, we’ll win as a group, striving to uphold our company values and powerful backing promise to provide the sector’s best purchaser enjoy every day. And we’ll do it with the maximum integrity, and in an environment wherein each person is seen, heard and seems like they belong.
Be part of crew Amex and allow's lead the manner together.
As a part of our numerous tech crew, you could architect, code and deliver software program that makes us an essential a part of our customers’ digital lives. Here, you could paintings along gifted engineers in an open, supportive, inclusive surroundings wherein your voice is valued, and you're making your very own choices on what tech to apply to clear up hard problems. American express gives more than a few possibilities to paintings with the modern technology and encourages you to returned the broader engineering community via open source. And due to the fact we understand the importance of preserving your abilities fresh and applicable, we provide you with dedicated time to put money into your expert development. Find your area in technology of #TeamAmex.
Description
Collaborating with the Director of third celebration protection approach & Governance, this role will lead strategic 1/3 party cyber danger initiatives, construct & preserve a strong third birthday party cyber threat operating version, and power usual software compliance through reporting on related cyber risk metrics while offering consultancy services to inner collaborators.
Number one process responsibilities
- Discover and pressure opportunities for maturing the Amex 1/3 birthday celebration cyber danger application
- Force the evolution of key chance metrics to efficaciously measure third birthday party cyber fitness throughout commercial enterprise portfolios and heaps of Amex 1/3 events
- Handles an evolving reporting framework, generates metrics on 0.33 party cyber danger, and delivers relevant reports to management throughout business units and market regions, chance control committees, and different inner collaborators. Evaluates 1/3 party alignment to program and locate possibilities and standard methodologies to steer alignment with hazard urge for food
- Partners with inner collaborators to broaden, improve, & document procedures, and ensure that software meets international regulatory necessities for 1/3 celebration records protection hazard
- Develops training substances, method flows, and communication plans for socializing efforts to help execution of this system across the organisation
- Documents requirements as needed for the improvement and development of helping era products, equipment, automation scripts, and internally advanced applications
- Owns the 1/3-birthday party cyber chance strategic roadmap and portfolio
- Offers domain know-how to internal commercial enterprise customers
Qualifications
- Recognized to work at riding idea-scary critical tasks from imaginative and prescient to execution
- Need to be able to pick out proactive possibilities for development & efficiencies and to articulate plans required to attain objectives
- Revel in with matrix corporations together with multi-purposeful groups and enjoy in driving complicated, large-scale trade efforts
- Nicely-prepared, devoted teammate with the ability to prioritize every day paintings, work on a couple of tasks simultaneously, and deliver mature answers
- Need to pay proper interest to detail and reveal a natural disposition to diagnose problems, mediate differing critiques, and converge on solutions
Technical competencies & requirements
- A demonstrable document of accomplishment turning in data pushed solutions with a client-first mentality
- Stable understanding of statistics security dangers and threats, together with standards of vulnerability management, what records or belongings are of price to threat actors, and how agencies and statistics are breached, along with thru relationships with external 0.33 parties
- Familiarity with industry wellknown manipulate frameworks, safety assurance auditing requirements, exceptional practices tips, and 1/3 party regulatory requirements, along with ISO27001, NIST CSF, SSAE16/18, CSA, CIS pinnacle 20, OWASP top 10, FFIEC, and many others.
- Knowledge of modern security controls inclusive of vulnerability scanning, penetration trying out, encryption, anti-malware safety, network protection, and DLP
- Ought to have a great stability of threat control knowledge, technical know-how, and business sense
- Advanced analytical skills – both quantitative and qualitative – coupled with an capability to evaluate a state of affairs with out continually having the entire photograph
- Capacity to drive multi-useful projects with a working understanding of assignment control practices and governance
- Should have extraordinary written and communications capabilities
