Information Security Manager-IT Risk Assessment/ Operational Risk Event Management
DescriptionYou Lead the Way.
We ve Got Your BackWith the right backing, people and businesses have the power to progress in incredible ways.
When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities, and each other.
Here, you ll learn and grow as we help you create a career journey that s unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally.
At American Express, you ll be recognized for your contributions, leadership, and impact every colleague has the opportunity to share in the company s success.
Together, we ll win as a team, striving to uphold our company values and powerful backing promise to provide the world s best customer experience every day.
And we ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong.
Join #TeamAmex and let s lead the way together.
As part of our diverse tech team, you can architect, code and ship software that makes us an essential part of our customers digital lives.
Here, you can work alongside talented engineers in an open, supportive, inclusive environment where your voice is valued, and you make your own decisions on what tech to use to solve challenging problems.
American Express offers a range of opportunities to work with the latest technologies and encourages you to back the broader engineering community through open source.
And because we understand the importance of keeping your skills fresh and relevant, we give you dedicated time to invest in your professional development.
Find your place in technology of #TeamAmex.
It s more than protecting information, it s protecting people.
Information Security Managers know security is a top priority for our business, our partners, and customers.
As cyber-attacks increase and compliance is rigorously implemented, they strive to stay ahead of what s next to protect our brand and future.
The IT Risk Assessment Operational Risk Event Management Team has the responsibility for coordinating the issue management function across all American Express Technology functions.
The team provides end-to-end resolution and governance for all Operational Risk Events (ORE) and Corrective Action Plans (CAP) including strengthening the control environment while enabling growth and ensuring flawless customer experiences.
You won t just see the problem, you ll drive the solutionOn a daily you will be asked to:
Perform hands-on issue resolution management, guidance, and monitoring of various Capabilities to ensure ORE and CAP guidelines and landmarks are met timely and align with governance and compliance mandates.
Collaborate with key team members on operational risk processes for Technology, such as loss events and compliance issues and ownership of events.
Manage and facilitate ownership issues and concerns in risk and Bank forums.
Facilitate and Lead Technology Ops Excellence risk and governance forumsSupport Technology partners to ensure that effective Issue resolution (via Loss Event and Corrective Action management) is implementedBuild and maintain excellent relationships across Technology and Business Unit Operational Excellence teamsWork closely with senior leaders and their representatives to ensure appropriate risk management, mitigation and/or elimination.
Ensure deliverables satisfy objectives and the expectations of a variety of partners, including the CIO, CISO and other senior leaders within Technology and other areas.
Partner with key technology leads to implement process improvements and controls across Technology as related to OREs.
Perform thematic root cause analysis and collaborate on recurring technology caused events to identify unmitigated risks and areas for control enhancements.
Lead process redesign efforts to ensure detailed and timely documentation and analysis of OREs and CAPS which includes the identification of relevant risks and implementation of mitigating controls.
Minimum
Qualifications:
Bachelor s Degree in related field.
5-7 years of risk management, controls analysis, and/or 10
years issue management/remediation experience required.
Experience with the development and/or assessment of IT General Controls.
Deep understanding of compliance, risk management and internal IT control frameworksOutstanding ability to engage, educate, influence, and collaborate across organizations.
Experience in assessing technology risks and responding through development of controlsExperience working with audit, compliance, operational risk, regulatory, and/or control functions.
Solid ability to synthesize large amounts of data into short key messages and identify and analyze related trendsConsistent record of adjusting quickly to shifting priorities, multiple demands, ambiguity and rapid change.
Strong interpersonal and partnership skills / ability to develop relationships with peers in business unit and central operational risk management groupCyber security knowledgePreferred
Qualifications:
CISA, CISM, or CRISCMaster s degreeQualificationsSalary Range:
$110,000.
00 to $190,000.
00 annually
bonus
benefitsThe above represents the expected salary range for this job requisition.
Ultimately, in determining your pay, we'll consider your location, experience, and other job-related factors.
We back our colleagues and their loved ones with benefits and programs that support their holistic well-being.
That means we prioritize their physical, financial, and mental health through each stage of life.
Benefits include:
Competitive base salaries Bonus incentives 6% Company Match on retirement savings plan Free financial coaching and financial well-being support Comprehensive medical, dental, vision, life insurance, and disability benefits Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need 20
weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) Free and confidential counseling support through our Healthy Minds program Career development and training opportunitiesFor a full list of Team Amex benefits, visit our Colleague Benefits Site.
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.
We back our colleagues with the support they need to thrive, professionally and personally.
That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture.
Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.
US Job Seekers/Employees - Click here to view the Know Your Rights poster and the Pay Transparency Policy Statement.
If the links do not work, please copy and paste the following URLs in a new browser window:
to access the three posters.
Employment eligibility to work with American Express in the U.
S.
is required as the company will not pursue visa sponsorship for these positions.
Job Field:
TechnologySchedule:
Full-time.
Estimated Salary: $20 to $28 per hour based on qualifications.
We ve Got Your BackWith the right backing, people and businesses have the power to progress in incredible ways.
When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities, and each other.
Here, you ll learn and grow as we help you create a career journey that s unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally.
At American Express, you ll be recognized for your contributions, leadership, and impact every colleague has the opportunity to share in the company s success.
Together, we ll win as a team, striving to uphold our company values and powerful backing promise to provide the world s best customer experience every day.
And we ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong.
Join #TeamAmex and let s lead the way together.
As part of our diverse tech team, you can architect, code and ship software that makes us an essential part of our customers digital lives.
Here, you can work alongside talented engineers in an open, supportive, inclusive environment where your voice is valued, and you make your own decisions on what tech to use to solve challenging problems.
American Express offers a range of opportunities to work with the latest technologies and encourages you to back the broader engineering community through open source.
And because we understand the importance of keeping your skills fresh and relevant, we give you dedicated time to invest in your professional development.
Find your place in technology of #TeamAmex.
It s more than protecting information, it s protecting people.
Information Security Managers know security is a top priority for our business, our partners, and customers.
As cyber-attacks increase and compliance is rigorously implemented, they strive to stay ahead of what s next to protect our brand and future.
The IT Risk Assessment Operational Risk Event Management Team has the responsibility for coordinating the issue management function across all American Express Technology functions.
The team provides end-to-end resolution and governance for all Operational Risk Events (ORE) and Corrective Action Plans (CAP) including strengthening the control environment while enabling growth and ensuring flawless customer experiences.
You won t just see the problem, you ll drive the solutionOn a daily you will be asked to:
Perform hands-on issue resolution management, guidance, and monitoring of various Capabilities to ensure ORE and CAP guidelines and landmarks are met timely and align with governance and compliance mandates.
Collaborate with key team members on operational risk processes for Technology, such as loss events and compliance issues and ownership of events.
Manage and facilitate ownership issues and concerns in risk and Bank forums.
Facilitate and Lead Technology Ops Excellence risk and governance forumsSupport Technology partners to ensure that effective Issue resolution (via Loss Event and Corrective Action management) is implementedBuild and maintain excellent relationships across Technology and Business Unit Operational Excellence teamsWork closely with senior leaders and their representatives to ensure appropriate risk management, mitigation and/or elimination.
Ensure deliverables satisfy objectives and the expectations of a variety of partners, including the CIO, CISO and other senior leaders within Technology and other areas.
Partner with key technology leads to implement process improvements and controls across Technology as related to OREs.
Perform thematic root cause analysis and collaborate on recurring technology caused events to identify unmitigated risks and areas for control enhancements.
Lead process redesign efforts to ensure detailed and timely documentation and analysis of OREs and CAPS which includes the identification of relevant risks and implementation of mitigating controls.
Minimum
Qualifications:
Bachelor s Degree in related field.
5-7 years of risk management, controls analysis, and/or 10
years issue management/remediation experience required.
Experience with the development and/or assessment of IT General Controls.
Deep understanding of compliance, risk management and internal IT control frameworksOutstanding ability to engage, educate, influence, and collaborate across organizations.
Experience in assessing technology risks and responding through development of controlsExperience working with audit, compliance, operational risk, regulatory, and/or control functions.
Solid ability to synthesize large amounts of data into short key messages and identify and analyze related trendsConsistent record of adjusting quickly to shifting priorities, multiple demands, ambiguity and rapid change.
Strong interpersonal and partnership skills / ability to develop relationships with peers in business unit and central operational risk management groupCyber security knowledgePreferred
Qualifications:
CISA, CISM, or CRISCMaster s degreeQualificationsSalary Range:
$110,000.
00 to $190,000.
00 annually
bonus
benefitsThe above represents the expected salary range for this job requisition.
Ultimately, in determining your pay, we'll consider your location, experience, and other job-related factors.
We back our colleagues and their loved ones with benefits and programs that support their holistic well-being.
That means we prioritize their physical, financial, and mental health through each stage of life.
Benefits include:
Competitive base salaries Bonus incentives 6% Company Match on retirement savings plan Free financial coaching and financial well-being support Comprehensive medical, dental, vision, life insurance, and disability benefits Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need 20
weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) Free and confidential counseling support through our Healthy Minds program Career development and training opportunitiesFor a full list of Team Amex benefits, visit our Colleague Benefits Site.
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.
We back our colleagues with the support they need to thrive, professionally and personally.
That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture.
Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.
US Job Seekers/Employees - Click here to view the Know Your Rights poster and the Pay Transparency Policy Statement.
If the links do not work, please copy and paste the following URLs in a new browser window:
to access the three posters.
Employment eligibility to work with American Express in the U.
S.
is required as the company will not pursue visa sponsorship for these positions.
Job Field:
TechnologySchedule:
Full-time.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
