You Lead the Way. We've Got Your Back.
With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities and each other. Here, you'll learn and grow as we help you create a career journey that's unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally.
At American Express, you'll be recognized for your contributions, leadership, and impact—every colleague has the opportunity to share in the company's success. Together, we'll win as a team, striving to uphold our company values and powerful backing promise to provide the world's best customer experience every day. And we'll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong.
Join Team Amex and let's lead the way together.
The Information SecurityManagerroleis part of thethird-party securityteamwithin TechnologyRisk & Information Security(TRIS),andis responsible forsecurity control enforcement, awareness,and enablementofAmerican Express standard controls at 3rdparty environment.
This position, reporting to the Director ofInformation Security,is responsible forassessing the information security risk associated with Third Parties andfacilitatingand/or performing information security assessments of those Third Parties.The person in this position willbe responsible formanaging third party security risk specifically focused on aspects of assessing, monitoring,providingriskexpertiseonsecurity control domains,processupliftrecommendations,andprovidingprofessional guidance to key stakeholders of the programon information securityaspects.
The ideal candidate for this role has an extensive background in risk management/ Audit / Information Security.They are dynamic, with the ability to manage a fluctuating workload with competing deadlines. The candidate is highly inquisitive with a healthy dose of cautiousness,has a broad-based perspective and thrives on building a network of internal and external alliances. S/he has highly developed communication skills, excellent time management and an acute attention to detailResponsibilities:
Partner with the BU to complete third party risk assessments and ensure adherence to program requirements.
Assistwith risk analysis and security posture evaluationsof Third Parties to supportsecurityassessment activities, including vulnerability threat assessments
Execute or facilitateexecution of information security assessments for in-scope third parties,assess the quality of assessments conducted by External Assessors, define risk ratings as appropriate tothe control failures, etc.
Review and evaluate the security controls of third-party vendors to ensure they align with the AXP'ssecurity standardsand explains control requirements to the business colleagues and third parties, as appropriate
Partner with other colleagues in third party security team in sharing inputs towards third party assessment questionnaires and Guidance documents
Conduct training and awareness sessions for internal stakeholders on third-party security risks and best practices. Be anInformation Security Risk Expert forteam and other stakeholders
Foster strong relationships with Business colleaguesand TLM teamto promote security best practices and collaboration
Support with security and compliance initiativesas led by third party securityteam
Requirements/ Qualification:
Thorough knowledge of information security components, principles, practices, and procedures
Information security specialist with8+years of experience
A broad understanding of the IT controls and best practices across key risk domains,includingrisk assessmentmethodology,application security,network and infrastructure security,Dataloss prevention, and incident managementis recommended
Prior experiencemanagingrisk assessments; includingbackground inaudit,information security, Third Party Risk/Oversight, or other risk control functions
Strong knowledge of information security frameworks (e.g., NIST, ISO 27001) and regulatory requirements
Proficiencyin risk assessment methodologies and third-party risk management tools
Attention to Detail: Careful evaluation of vendor security practices and documentation
Excellentcommunication, negotiation, and stakeholder management skills, able to effectively communicate at all levels within the organization
Being flexible and able to adjust to new needs andnew technologies, and be comfortable with ambiguity
Strategic Thinking: Ability to align third-party security with broader organizational objectives
Relevant certifications such as CISSP, CISM,CISA,CRISC,ISO 27001are preferred
Compliance Language
We back our colleagues and their loved ones with benefits and programs that support their holistic well-being. That means we prioritize their physical, financial, and mental health through each stage of life. Benefits include:
Competitive base salaries
Bonus incentives
Support for financial-well-being and retirement
Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location)
Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
Generous paid parental leave policies (depending on your location)
Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
Free and confidential counseling support through our Healthy Minds program
Career development and training opportunities
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.
Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.
We back our colleagues and their loved ones with benefits and programs that support their holistic well-being. That means we prioritize their physical, financial, and mental health through each stage of life. Benefits include:
Competitive base salaries
Bonus incentives
Support for financial-well-being and retirement
Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location)
Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
Generous paid parental leave policies (depending on your location)
Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
Free and confidential counseling support through our Healthy Minds program
Career development and training opportunities
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.
Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.
WHY JOIN CAPCO? You will work on engaging projects with some of the largest banks in the world, on projects that will transform the financial services indust...
Capco - India
Published a month ago
Responsibilities and Deliverables •Hands on experience monitoring, managing, and maintaining high availability web systems (Windows and Linux) as a System Ad...
Fortive - India
Published 12 days ago
Aircall is a place where voices are valued. Backed by over $220 million of investment since 2015, we create technology that fuels accessible, transparent an...
Aircall - India
Published 7 days ago
Aircall is a place where voices are valued. Backed by over $220 million of investment since 2015, we create technology that fuels accessible, transparent an...
Aircall - India
Published 7 days ago
Built at: 2024-12-25T17:01:23.842Z