Job Responsibilities: Senior Information Security Manager
Salary: $20-30/Hour
Company: American Express
Location: Columbia, USA
Educational Requirements: Bachelor's Degree
You Lead the way. We’ve got Your back.
With the proper backing, humans and companies have the power to development in top notch methods. Whilst you join team Amex, you turn out to be a part of a worldwide and numerous network of associates with an unwavering commitment to lower back our clients, groups and each different. Right here, you’ll learn and grow as we assist you create a profession adventure that’s particular and meaningful to you with benefits, applications, and flexibility that guide you individually and professionally.
At American explicit, you’ll be identified to your contributions, management, and effect—each colleague has the opportunity to share in the agency’s achievement. Together, we’ll win as a team, striving to uphold our company values and effective backing promise to provide the world’s fine customer revel in every day. And we’ll do it with the utmost integrity, and in an surroundings in which all of us is seen, heard and seems like they belong.
Be part of group Amex and permit's lead the way collectively.
As part of our various tech crew, you can architect, code and ship software program that makes us an important part of our customers’ digital lives. Here, you may work along gifted engineers in an open, supportive, inclusive environment where your voice is valued, and you are making your personal decisions on what tech to apply to resolve tough troubles. American express offers more than a few opportunities to work with the brand new technology and encourages you to back the broader engineering network through open supply. And due to the fact we recognize the significance of retaining your abilities sparkling and relevant, we give you devoted time to spend money on your expert development. Discover your region in generation of #TeamAmex.
Description
Collaborating with the Director of 1/3 birthday party protection approach & Governance, this function will lead strategic 1/3 birthday party cyber risk projects, construct & hold a sturdy 0.33 birthday party cyber threat working version, and power average software compliance via reporting on related cyber threat metrics even as supplying consultancy services to internal collaborators.
Primary process duties
- Identify and drive opportunities for maturing the Amex 1/3 birthday party cyber risk program
- Drive the evolution of key danger metrics to correctly degree 0.33 birthday celebration cyber health throughout business portfolios and thousands of Amex third parties
- Handles an evolving reporting framework, generates metrics on 0.33 celebration cyber threat, and provides relevant reports to management throughout commercial enterprise units and marketplace regions, chance control committees, and different inner collaborators. Evaluates 0.33 celebration alignment to software and locate possibilities and widespread methodologies to persuade alignment with danger urge for food
- Companions with inner collaborators to develop, improve, & file procedures, and ensure that software meets worldwide regulatory necessities for third celebration records safety danger
- Develops schooling substances, process flows, and verbal exchange plans for socializing efforts to assist execution of this system throughout the company
- Files requirements as wished for the improvement and development of assisting era merchandise, gear, automation scripts, and internally advanced programs
- Owns the 0.33-party cyber chance strategic roadmap and portfolio
- Affords domain understanding to inner business clients
Qualifications
- Recognised to paintings at using concept-frightening vital tasks from vision to execution
- Ought to be able to discover proactive opportunities for improvement & efficiencies and to articulate plans required to attain targets
- Revel in with matrix agencies along with multi-purposeful teams and revel in in driving complex, large-scale change efforts
- Nicely-organized, committed teammate with the potential to prioritize every day paintings, work on more than one initiatives concurrently, and supply mature answers
- Have to pay proper interest to element and demonstrate a herbal disposition to diagnose issues, mediate differing opinions, and converge on solutions
Technical abilties & requirements
- A demonstrable report of accomplishment delivering records pushed answers with a client-first mentality
- Solid information of statistics security risks and threats, which includes standards of vulnerability control, what statistics or belongings are of value to risk actors, and the way businesses and information are breached, including through relationships with external 1/3 events
- Familiarity with industry preferred manipulate frameworks, protection guarantee auditing requirements, quality practices guidelines, and third party regulatory necessities, together with ISO27001, NIST CSF, SSAE16/18, CSA, CIS top 20, OWASP pinnacle 10, FFIEC, and many others.
- Know-how of cutting-edge protection controls consisting of vulnerability scanning, penetration trying out, encryption, anti-malware protection, network protection, and DLP
- Must have a terrific stability of risk management understanding, technical expertise, and commercial enterprise sense
- Superior analytical abilities – both quantitative and qualitative – coupled with an potential to assess a state of affairs with out constantly having the overall photograph
- Capacity to pressure multi-purposeful tasks with a running understanding of undertaking management practices and governance
- Must have wonderful written and communications competencies
