Information Security Manager - Technology Risk Oversight & Management Expert (Full-time, Remote Opportunity with American Express)

Unlock a Rewarding Career in Information Security with American Express

American Express, a global leader in financial services, is seeking an experienced Information Security Manager to join its Worldwide Governance, Risk, and Compliance (GRC) team. As a key member of the second-line technology risk oversight crew, you will play a vital role in ensuring the company's technology risk management program is robust and effective.

About American Express and the GRC Team

American Express is a renowned financial services corporation that operates in a rapidly evolving digital landscape. The GRC team is responsible for providing oversight and guidance on risk management to ensure the company operates within regulatory expectations. As a critical component of this team, the Information Security Manager will be instrumental in identifying, assessing, and mitigating technology risks that could impact the organization's operations.

Key Responsibilities

• Conduct independent, proactive risk management and oversight of technology, cybersecurity, and business continuity management risks.
• Perform data-driven audits focused on technology processes, cybersecurity controls, and business continuity management risks.
• Lead exploratory data analysis on large datasets using SQL, Python, and Excel to develop meaningful insights on cybersecurity and technology-related data.
• Create and upgrade data-driven key risk indicators and key performance indicators that provide real-time insights into risk and performance trends.
• Develop a thorough understanding of American Express's technology, cybersecurity, and business continuity management processes.
• Stay up-to-date with relevant regulations, guidelines, and industry standards.
• Support the design of an independent technology risk oversight program that defines the commitment and integration with various risk management programs.

Essential Qualifications and Skills

To be considered for this role, you must possess:

• A Bachelor's degree in a relevant field, such as Computer Science or Information Systems.
• At least 5 years of experience in risk management across any of the three lines of defense.
• Demonstrated ability to identify risks, analyze issues, and provide meaningful insights about risk trends.
• Strong knowledge of framework, cloud security, cyber intelligence, and cyber incident response areas.
• Excellent analytical skills with high attention to detail and accuracy.
• Solid understanding of at least one data mining/big data analytical tool (e.g., Microsoft Excel: Pivot Tables, SQL, SAS, Python, R).
• Strong critical thinking and problem-solving skills.
• Ability to work with minimal supervision and excellent verbal, written, and interpersonal communication skills.

Preferred Qualifications and Skills

While not mandatory, the following qualifications and skills are highly desirable:

• Educational background in Software Engineering or Data Systems.
• Experience in risk management across cybersecurity, IT, third-party, and business continuity management.
• Industry certifications (e.g., CISM, CISA, CRISC, CISSP).
• Cloud security certifications (e.g., CCSK, CompTIA Cloud+, CCSP, Azure Security).
• Understanding of risk assessment methodologies, frameworks, and industry guidelines (e.g., COSO, COBIT, ISO 27001, FAIR, or NIST RMF).
• Knowledge of relevant policies and regulations (e.g., OCC Enhanced Principles, FFIEC IT booklets).
• Experience with Governance, Risk, and Compliance tools (e.g., Bowman).

Career Growth Opportunities and Learning Benefits

As a member of the GRC team at American Express, you will have access to a wealth of knowledge and expertise in risk management and information security. This role offers a unique opportunity to develop your skills and expertise in a dynamic and evolving field. You will be able to:

• Work with a diverse and talented team of professionals.
• Develop a deep understanding of American Express's technology risk management program.
• Stay up-to-date with the latest industry trends and best practices.
• Enhance your analytical, problem-solving, and communication skills.

Work Environment and Company Culture

American Express is committed to creating a work environment that is inclusive, diverse, and supportive. As a remote worker, you will be part of a global team that values collaboration, innovation, and teamwork. The company offers a range of benefits and perks, including:

• Competitive compensation package.
• Opportunities for career growth and development.
• Flexible work arrangements.
• Access to cutting-edge technology and tools.

Compensation and Benefits

The salary for this role is $28 per hour. American Express offers a comprehensive benefits package that includes a range of perks and rewards. While specific details are not provided, you can expect a competitive compensation package that reflects your skills and experience.

Join the American Express Team

If you are a motivated and experienced information security professional looking for a challenging and rewarding role, we encourage you to apply for this exciting opportunity. As an Information Security Manager at American Express, you will play a critical role in shaping the company's technology risk management program and contributing to its continued success.

Don't miss this chance to join a global leader in financial services and take your career to the next level. Apply now and become part of the American Express team!