You Lead the Way. We’ve Got Your Back .
At American Express, we know that with the right backing, people and businesses have the power to progress in incredible ways. Whether we’re supporting our customers’ financial confidence to move ahead, taking commerce to new heights, or encouraging people to explore the world, our colleagues are constantly redefining what’s possible - and we’re proud to back each other every step of the way. When you join #TeamAmex, you become part of a diverse community of over 60,000 colleagues, all with a common goal to deliver an exceptional customer experience every day.
The Information Security Specialist – Cloud Security
is an integral member of the Data Encryption Team, responsible for designing, delivering and maintaining a data encryption capability, assist in technology assessment and making security recommendations, as well as delivery of processes and technology to consistently track and deliver against goals. The IS Specialist will report to the Director of Information Security, and will work in collaboration with other IS teams, Enterprise Cloud Team, and Enterprise Architecture groups, to drive consistent, secure capability and compliance for new functions within cloud. In this role, the IS Specialist will leverage knowledge across all domains of security, assess and design cloud architectures, and influence direction for cloud across the entire AXP organization. This position demands a well-organized, action oriented team player with the ability to prioritize daily work and the ability to work on multiple initiatives simultaneously, to have a command on cutting edge technologies, and an understanding of and drive to deliver end-to-end process and solutions focused on great user experience. Strong interpersonal communications skills are required.
- Work with customers, key stakeholders and partners to define and deliver against the Data Encryption vision and roadmap.
- Document architecture, risk-based approach, plans and strategy for delivery of a secure cloud environment
- Perform threat modeling exercises on cloud platforms and service
- Define security requirements and threat models for cloud native architectures
- Partner with project management to define and deliver project tasks within an agile framework
- Act as Security partner – driving secure technology enablement for our partner teams across technology
- Ensure issues are identified, tracked, reported, and resolved in a timely manner
- Recognize and deal appropriately with confidential and sensitive information
The Data Encryption Team (DE) is tasked with providing centralized requirements and security recommendations to ensure American Express designs a cloud journey with security integration across all layers of Hybrid Cloud. The team works with multi-functional and cross-enterprise teams that define requirements, develop architecture specifications, select and pilot new technologies, develop enterprise-scale deployment plans and lead implementations for security capabilities across the AXP Cloud Journey. The program will engage and work with IS stakeholders through several channels: Creation of a Cloud Security Center of Excellence where alignment, buy-in, and consultative reviews can occur, Assist in requirements collection and tracking for Cloud security to align to IS Standards, Partner with Enterprise Architecture to build security into every facet of Architecture design, and ultimately provide security support to Cloud teams across all cloud functions
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, age, or any other status protected by law.
- Understanding of cloud architectures sufficient to define and deliver security requirements
- 5+ years Information Security experience
- One of the following domains: Symmetric/Asymmetric Cryptography, Key Management, PKI
- Security Architecture background is preferred
- Understanding of Information Security Architecture and Engineering with experience in planning and execution of security projects.
- Cloud expertise (private or public) with understanding of microservices architectures
- KMS, PKI and mTLS
- Service-Mesh exposure/knowledge using Istio or similar
- Public Cloud (AWS, GCP, Azure etc) Experience and/or certifications preferred:
- Professional Cloud Architect
- Professional Cloud Security Engineer
- Knowledge of the latest threat vectors and actors through maintaining currency of threat landscape.
- Knowledge of the latest technology trends in Cryptography and Information Security
- Strong analytical and problem-solving skills with ability to clearly articulate solution alternatives
- Ability to collaborate effectively, work closely within a coordinated team environment, and maintain composure while dealing with time sensitive deadlines
- A self-starter with excellent verbal and written communication skills
- Bachelor’s degree or equivalent work experience is required