Director & Business Information Security Officer - American Express National Bank (AENB)

American Express - Salt Lake City, UT

Why American Express?
There’s a difference between having a job and making a difference.

American Express has been making a difference in people’s lives for over 160 years,
backing them in moments big and small, granting access, tools, and resources to take
on their biggest challenges and reap the greatest rewards.

We’ve also made a difference in the lives of our people, providing a culture of learning
and collaboration, and helping them with what they need to succeed and thrive. We
have their backs as they grow their skills, conquer new challenges, or even take time to
spend with their family or community. And when they’re ready to take on a new career
path, we’re right there with them, giving them the guidance and momentum into the
best future they envision.

Because we believe that the best way to back our customers is to back our people.

The powerful backing of American Express.
Don’t make a difference without it.
Don’t live life without it.

Director & Business Information Security Officer – American Express National Bank (AENB)

The Business Information Security Officer (BISO) function within Information Security is responsible for information security control enforcement, cybersecurity awareness and enablement for the American Express National Bank (AENB).

Responsibilities Include:
Manage the interconnection between core information security functions and the Bank.
Lead first line information security risk management and reporting in partnership with the Risk organizations AENB.
Deliver leadership reporting and risk metrics that demonstrate the effectiveness of the cyber security program to AENB.
Consult on Business & Technologies projects to ensure appropriate security protection is delivered as part of any solution
Respond to audit and examination requirements for the BISO function
Operate as part of the extended Information Security leadership team in support of all security and compliance initiatives
Be a voting member on the Information Security Risk Management Committee

Required Skills:
5-10 years of Information Security leadership experience
Experience working with Regulators and in complex regulated businesses
Broad understanding of information security disciplines with emphasis on vulnerability management, data protection, infrastructure security, application security, identity and access, incident management and data analytics
Strong in risk management. Ability to link threats to risk tolerance and control effectiveness measurements.
Understanding of cyber regulatory landscape

Desired Leadership Characteristics:
Calm and decisive under pressure. Natural operational leadership in stressful situations
Ability to prioritize actions for the benefit of the organization to remain focused on most critical issues
Initiative and energy to go beyond minimum requirements of effort and activity; a bias for action and for getting things done
Experience in developing high performing talent
Proven ability in extending and maintaining strong relationships in a complex multi-national corporation. Ability to translate technical cyber security concepts to non-technical business leaders
Strong problem solver with the ability to use analytical methods to affect change
Effective organizational skills (including attention to detail) along with the ability to collaborate and influence in a matrix environment
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.

ReqID: 19008765
Schedule (Full-Time/Part-Time): Full-time
Date Posted: May 9, 2019, 5:07:38 PM