DescriptionYou Lead the Way.
We’ve Got Your Back.At American Express, we know that with the right backing, people and businesses have the power to progress in incredible ways.
Whether we’re supporting our customers’ financial confidence to move ahead, taking commerce to new heights, or encouraging people to explore the world, our colleagues are constantly redefining what’s possible — and we’re proud to back each other every step of the way.
When you join TeamAmex, you become part of a diverse community of over 60,000 colleagues, all with a common goal to deliver an exceptional customer experience every day.This job opportunity is within the Infrastructure Vulnerability Management Team.
The team is made up of infrastructure security professionals that conduct vulnerability and patch scanning, provide reporting, and drive remediation of security risks across the Enterprise.
The ideal candidate for this role will have experience in IT security, excellent communication skills, and the ability to think critically and analyze data to contribute to the success of the program.
This role is specifically designed to address Information Security exposures as identified by our internal partners.New threats to our business, our partners and customers appear on the horizon every day, so no two days are the same.
But there are some things you can count on doing: Providing guidance on information security processes, controls, and compliance, and information security risk management to team members Troubleshooting and investigating issues as they arise Prioritize remediation to minimize potential for impact.
Performing root cause analysis for vulnerabilities in the environment.
Performing as a high-level technical, subject matter expert on Infrastructure Security principles Encouraging employee contribution, such as feedback, career development planning, and goal setting.
Developing plans and strategies for information security tools, processes, and programs Responding to changes in the regulatory environment and assisting other organizations in doing the same.
Making strategic recommendations to enhance information security, including processes, procedures, governance approaches, and compliance.
Performing end to end consultation for remediation from tactical to strategic effortsWe back our colleagues with the support they need to thrive, professionally and personally.
That’s why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture.
Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.If the role you are applying for is designated as hybrid or onsite, you will be required to demonstrate that you have completed your primary COVID-19 vaccination series (i.e., 2 doses for Moderna/Pfizer and 1 dose for J) and, for medically eligible colleagues, a booster shot, in order to work in or visit any of our offices.
This requirement is subject to legally required accommodations.
Booster eligibility: The CDC has established guidelines for when adults are eligible to receive booster shots depending on when they completed their initial vaccine series (currently five months after the Pfizer-BioNTech and Moderna vaccines, and two months after the J Vaccine).
If you have completed your primary vaccine series but have not yet reached your booster eligibility date, you will be able to come into the office; however, you will need to complete your booster within 30 days of becoming eligible to continue coming in and participating in company-sponsored in-person events.Qualifications Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy Strong communication and presentation skills, both oral and written Experience with vulnerability and penetration testing techniques and tools Independently stay up to date with cutting-edge adversary tradecraft and vulnerabilities Requires some knowledge and understanding of IT Security best practices and principles Networking or Security Operations Center background is a plus Ideally the candidate would have system administration experience working with more current Operating Systems.
Effective communicator who is able to relay technical messages to technical and non-technical users.
Ability to understand complex processes and anticipate downstream impact.
Effective at tracking multiple issues simultaneously and see them through to resolution.
Perform other IT security related duties and consultation as needed.
Typically has a Bachelor’s or Master’s Degree in Computer Science, Information Systems, Business Intelligence or other related field (or has equivalent work experience).
CISSP, CISM or other industry certifications is a plusEmployment eligibility to work with American Express in the U.S.
is required as the company will not pursue visa sponsorship for these positions.American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, age, or any other status protected by law.US Job Seekers/Employees
– Click here to view the “EEO is the Law” poster and supplement and the Pay Transparency Policy Statement.If the links do not work, please copy and paste the following URLs in a new browser window: https://www.dol.gov/agencies/ofccp/posters to access the three posters.Job: TechnologyPrimary Location: United StatesSchedule Full-timeTags LI-REMOTEReq ID: 22004721