Information Security Analyst I

About the job

You Lead the Way. We’ve Got Your Back.

At American Express, we know that with the right backing, people and businesses have the power to progress in incredible ways. Whether we’re supporting our customers’ financial confidence to move ahead, taking commerce to new heights, or encouraging people to explore the world, our colleagues are constantly redefining what’s possible — and we’re proud to back each other every step of the way. When you join #TeamAmex, you become part of a diverse community of over 60,000 colleagues, all with a common goal to deliver an exceptional customer experience every day.

Description:

The successful candidate for this position will focus on driving remediation of vulnerabilities to the American Express environment, providing excellent customer service, researching/assessing new attack vectors and support projects that facilitate ongoing improvement to the process. A successful candidate will also demonstrate self-motivation and flexibility in supporting the team with broader initiatives as needed.

This position demands a well-organized, action-oriented team player with the ability to prioritize daily work, change directions quickly, and work on multiple projects simultaneously. Excellent written and verbal communication skills required.

Focus:

Responsible for assisting with activities designed to address information security concerns, such as security investigations, intelligence, assurance, and awareness, and/or other project oversight, including developing standard methodologies for information security standards and handling IT controls and compliance with regulatory guidance.

Organizational Context:

Works with technology and business partners across business functions/processes to ensure alignment, understanding and ongoing communication on security controls, compliance, and information security risk management. Works individually and with teams on both structured and unstructured assignments.

Job Responsibilities:

The successful candidates’ ongoing tasks will include:

  • Maintaining tickets to track relevant correspondence
  • Managing email correspondence in a professional, customer-service oriented, and technically savvy manner
  • Researching newly identified risks and producing detailed reports or assessments
  • Monitoring events and security incidents and recommending solutions using a variety of tools
  • Sending reports to business partners on a regular cadence or as needed
  • Setting up or attending meetings with customers as needed to help facilitate understanding or implementation of remediation activities
  • Tracking trends and reporting on findings
  • Providing analysis, feedback, and requirements for ongoing initiatives to improve flexibility, scalability, and efficiency
  • Providing support, insights and threat prioritization across multiple business and technical environments, covering a wide range of business/technical functions
  • Documenting current and desired future state capabilities, incorporating industry leading strategies to ensure AXP’s ability to manage threats to the environment and protect the AXP brand
  • Participating in the evaluation of applications, tools, and systems
  • Working individually and with teams on both structured and unstructured assignments

Required Skills:

  • Proficiency in technologies systems and tools including:
    • Customer service, preferably in an IT setting
    • Technical writing and documentation
    • Operational support of systems
    • Ticket management systems or workflow automation tools (Archer, ServiceNow, Swimlane)
    • Reading software programming languages (Python, HTML, Ruby, Powershell or similar)
  • Experience leveraging Information Security Best practices and Tools such as:
    • Information Security investigations and Analytics
    • Managing and interpreting results from scanning tools
  • Microsoft Office Suite fluency

Desired Characteristics:

  • Strong work prioritization, planning, and organizational skills
  • Strong analytical, reasoning, and creative problem-solving skills
  • Strong listening, communication (verbal and written) and relationship building skills
  • Ability to separate fact from opinion; clearly explain technical decisions, while understanding business impacts
  • Able to receive constructive criticism and provide effective feedback
  • Able to recognize and deal appropriately with confidential and sensitive information
  • Team oriented.

Education:

  • Bachelor’s Degree in Computer Science OR equivalent relevant experience is required
  • IT/IS certifications preferred (CYSA+, A+, Sec+, and/or Network+)

United States Only:

American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.

We back our colleagues with the support they need to thrive, professionally and personally. That’s why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.

If the role you are applying for is designated as hybrid or onsite, you will be required to demonstrate that you have completed your primary COVID-19 vaccination series (i.e. 2 doses for Moderna/Pfizer and 1 dose for J&J) and, for medically eligible* colleagues, a booster shot, in order to work in or visit any of our offices. This requirement is subject to legally required accommodations.

  • Booster eligibility: The CDC has established guidelines for when adults are eligible to receive booster shots depending on when they completed their initial vaccine series (currently five months after the Pfizer-BioNTech and Moderna vaccines, and two months after the J&J Vaccine). If you have completed your primary vaccine series but have not yet reached your booster eligibility date, you will be able to come into the office; however, you will need to complete your booster within 30 days of becoming eligible to continue coming in and participating in company-sponsored in-person events.

US Job Seekers/Employees – Click here to view the “EEO is the Law” poster and supplement and the Pay Transparency Policy Statement.

If the links do not work, please copy and paste the following URLs in a new browser window: https://www.dol.gov/agencies/ofccp/posters to access the three posters.

More Information

Apply for this job

Leave your thoughts

Share this job