You Lead the Way. We’ve Got Your Back.
With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities and each other. Here, you’ll learn and grow as we help you create a career journey that’s unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally.
At American Express, you’ll be recognized for your contributions, leadership, and impact—every colleague has the opportunity to share in the company’s success. Together, we’ll win as a team, striving to uphold our company values and powerful backing promise to provide the world’s best customer experience every day. And we’ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong.
Join Team Amex and let's lead the way together.
The Global Risk & Compliance (GRC) group within American Express is responsible for providing oversight and governance of risks to ensure that the company operates in a safe and sound manner within regulatory expectations. In a world increasingly subject to digitalization and the use of technology, technology risk management has become increasingly significant across organizations, becoming one of the key themes at board meetings. Cyberattacks have become increasingly commonplace and the trend continues to move upward.
Functional Description
The Director will be part of the GRC team, and report into the Vice President of Cybersecurity, Technology, & Resiliency Risk Oversight (CTRRO) team at American Express. The Director will build, nurture, and lead a team of colleagues whose primary objective is to oversee the first-line risk-taking activities, and to leverage data to identify and report risks and issues. This is an outstanding opportunity to join a fun and growing group of entrepreneurial colleagues, all driven to innovate and advance our second-line program!
Responsibilities:
· Learn cyber security, technology, and resiliency processes demonstrating strong levels of curiosity and willingness, to present an effective credible challenge.
· Provide strategic third-party and data protection risk oversight to ensure confidentiality, integrity and availability of data.
· Leverage advanced data analytics to drive insights, proactively identifying opportunities for enhancing our security posture and swiftly adapting to emerging threats.
· Lead independent risk assessments and challenge the design and effectiveness of controls with a willingness to conduct hands-on analysis and assessments.
· Lead gap assessments per laws, regulations, and emerging trends.
· Design and implement metrics to identify and report risks.
· Attract, lead, and nurture colleagues towards a fun-filled and high energy workplace.
· Develop strong working relationships with all levels of the organization, including our executive leaders in technology and with business partners, to achieve results and enact wide-scale impact across the organization.
Qualifications:
· Demonstrates ability and aspiration for building and nurturing teams and leading complex and high impact assessments.
· Has unbridled, yet strategic, intellectual curiosity: Seeks diverse opinions, thinks critically about issues and challenges status quo.
· Demonstrates learning agility: Learns from unfamiliar experiences. Perseveres through and learns from setbacks.
· Strong verbal and written communication skills with an ability to explain complex problems and ideas clearly and succinctly to senior management.
· Analytical attitude with consistent track record of using data and business insight to develop winning strategies and drive business decision-making,
· Ability to make decisions quickly and effectively.
· Demonstrates courage and resilience.
· Ability to work in a highly collaborative environment, excellent relationship building skills and ability to influence partners with a firm strategic view.
· Highly motivated self-starter with ability to juggle multiple tasks in a fast-paced, ambiguous environment, with excellent organization skills and careful attention to detail.
· A bachelor’s degree in a related field (Preferred: Computer Science or Information Technology).
· Demonstrated ability in risk management across any of the three lines of defense.
· Possess a high degree of technical savvy, with a keen ability to learn new technology quickly and easily.
· Deep knowledge of laws, regulations, and industry frameworks (Preferred: GLBA, OCC Heightened Standards, FFIEC, NIST CSF, NIST RMF COSO, COBIT)
· Working knowledge of one or more of the data mining tools/technologies (e.g. Microsoft Excel: Pivot Tables SQL, SAS, Python, R)
· Experience in risk management across cyber security, information technology, 3rd party, business continuity management
· Industry certifications (e.g., OSCP, CISSP, CISM, CISA, CRISC)
We back our colleagues and their loved ones with benefits and programs that support their holistic well-being. That means we prioritize their physical, financial, and mental health through each stage of life. Benefits include:
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.
Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.
اطلب مساعدة الخبراء لكتابة سيرة ذاتية مميزة.