The Information Security Analyst will be responsible for assisting in the research, mitigation, and coordination of actions designed to reduce information security risk across the web application portfolio, as well as critical infrastructure. The ideal candidate will provide clear communication and collaboration with internal and external teams, have a strong desire for growth and being part of a high functioning team.
- · Assist in the development and optimization of critical operational programs and processes in support of web application security and production operations, including:
- · Research emerging vulnerabilities and web application penetration techniques.
- · Create and maintain clear comprehensive documentation of process and procedure.
- · Daily monitoring of security tools, responding to threats and anomalies and escalation as needed.
- · Ability to support and contribute to strategic plan for continuous process / program improvement
- · Support efforts to implement new technology concepts, identify enhancements and help evolve existing platforms
- · Assist in POCs, and detailed assessments for new partnerships.
- · Support Risk reduction by collaborating actively with teams across the enterprise
- · Monitor appropriate Key Risk Indicators (KRI) to proactively identify exposures or control weaknesses
- · Thrive in being a member of a high functioning security team and in continuous personal growth.
- · Knowledge and experience with general information security principles and best practices, with application security domain experience preferred.
- · Three or more years of Information security experience
- · Ability to meet commitments and manage priorities in a fast paced environment
- · Experience in AXP standards and strategies is a plus
- · Experience with various operating systems.
- · Basic Network and Security Experience- TCP/IP, Firewalls, IPS/IDS, PKI, Load Balancing.
- · Ability to communicate technical topics and facilitate discussions with technology peers
- · Requires an ability to operate processes and methodologies in a manner that effectively supports business and information security objectives
- · Confident in written and verbal communication and interpersonal skills
- · Demonstrated collaboration skills along with the ability to influence without authority
- · Ability to coordinate with geographically diverse teams to drive results
Educational requirement: Degree in Management Information Systems, Information Security, or Information Technology, or equivalent work experience required
Preferred Additional: Industry recognized security certifications including CISM, CISSP, CSSLP, and CEH are considered a plus.
Why American Express
Talk to our people and you’ll find out what we’re really all about. Open, creative, risk-taking, collaborative and innovative are just some of the expressions you’ll hear. It’s our culture that makes American Express an outstanding place to work, and a big part of why we regularly win best workplace awards all over the world. If you’re ready to take on a challenge and make an impact, you owe it to yourself to launch or grow your career here.
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other status protected by law.
US Candidates/Employees: Click here to view the “EEO is the Law” poster and supplement and the Pay Transparency Policy Statement.
If the links do not work, please copy and paste the following URLs in a new browser window: