Azpipeline_org

  Back to All Job Opportunities

Information Security Analyst
American Express    Phoenix, AZ 85067
     

**Description**

Why

American Express?

There’s

a difference between having a job and making a difference.

American

Express has been making a difference in people’s lives for over 160

years, backing them in moments big and small, granting access, tools, and

resources to take on their biggest challenges and reap the greatest

rewards.

We’ve

also made a difference in the lives of our people, providing a culture of

learning and collaboration, and helping them with what they need to succeed

and thrive. We have their backs as they grow their skills, conquer new

challenges, or even take time to spend with their family or community. And

when they’re ready to take on a new career path, we’re right there with

them, giving them the guidance and momentum into the best future they

envision.

Because

we believe that the best way to back our customers is to back our people.

The

powerful backing of American Express.

Don’t

make a difference without it.

Don’t

live life without it.

**It’s more thanprotecting systems and data.**

**It’s protecting people.**

Our Information Security

Managers know that security is a top priority for our business and our partners

and customers. Today, as cyber-attacks increase and compliance is more

rigorously enforced, we look to them to stay ahead of what’s next and to protect

our business and our future. So if you are dedicated to the latest

technology and motivating others, secure your career here.

**You won’t just see theproblem coming, you’ll see the solution.**

New threats to our

business, our partners and customers appear on the horizon every day, so no two

days are the same. But there are some things you can count on doing:

+ Providing guidance on information security processes,controls, and compliance, and information security risk management to teammembers

+ Encouraging employee contribution, such as feedback,career development planning, and goal setting.

+ Developing plans and strategies for informationsecurity tools, processes, and programs

+ Responding to changes in the regulatory environment andassisting other organizations in doing the same.

+ Making strategic recommendations to enhance informationsecurity, including processes, procedures, governance approaches, andcompliance.

**Qualifications**

The AXP Infrastructure Vulnerability Management Team reduces cyber risk by identifying and reporting on vulnerabilities in the enterprise cyber environment through coordinated program initiatives. In this role you will partner closely with technology teams to shape the cloud container vulnerability management strategy. You will coordinate and work with our internal cloud teams on the implementation of a robust vulnerability identification/management process for containers and communicate to senior management on milestone accomplishments, progress to plan and effectiveness of chosen products. The idea candidate should have a passion for security and demonstrate a desire to grow in this space.

**Required Skills & Qualifications:**

+ Working knowledge and experience in DevOps software development practices

+ Experience and understanding of build pipeline best practices and tools

+ Experience/Knowledge with container management, specifically vulnerability and anomaly using products such as Twistlock or Sysdig

+ Knowledge and understanding of Cloud security and privacy concepts

+ Knowledge and understanding of vulnerability and penetration testing techniques and tools a plus

+ Understands and supports the “shift left” mentality for vulnerability identification

+ Ability to deliver detailed documentation and communication in a narrative format

+ Engineer level experience with Cloud, IP network tech, OS, programming or source code analysis, DevOps, build pipelines

+ Strong communication and presentation skills, both oral and written. Must be able to communicate effectively and build relationships with individual’s at all organizational levels and in multiple situations and settings

+ Strong desire to continue to learn and explore emerging technologies focused on Cloud security specifically vulnerability identification and management

+ Idea candidates have either a CISSP or CISM certification, RHCE- Red Hat Certified Engineer or LINUX CompTIA

+ Bachelor’s degree in Computer Science, Information Systems, or other related field (or has equivalent work experience)

**The ideal candidate should possess working knowledge of one or more of the following technologies:**

* Cloud platforms – Private, Public, Hybrid

* Service models - Iaas, PaaS, SaaS, FaaS

* Chef, Puppet, Jenkins, Ansible

* Cloud Database technologies

* Docker, Openstack, Open source, VMware, OpenShift

* IP Network technologies

* Linux/Microsoft operating systems and related technologies

**Key Areas of Focus:**

Works with various cloud technology, vendor and business partners across business functions/process to ensure alignment, understanding and ongoing communication on security controls and information security risk management specific to container end to end vulnerability management. Works individually and with teams on both structured and unstructured assignments. Serves as an information security or other domain liaison for technology programs and initiatives.

**Scope of the Role:**

* Provides day-to-day operational input into functional processes and delivery under the guidance of the Information Security Director

* Collaborate with other security resources and act as a mentor to those interested in developing their information security or other domain knowledge

* Make difficult and timely decisions regarding simple and complex business problems

+ Accountable for ensuring security best practices, policies, and procedures are recommended and communicated

* Provide consultation to internal Tech partners, customers and Vendors in assessing information security risks and mitigating controls to protect corporate intellectual capital and other sensitive data

Employment eligibility to work with American Express in

the U.S. is required as the company will not pursue visa sponsorship for these

positions.

**American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, age, or any other status protected by law.**

**Job:** Technology

**Primary Location:** US-Arizona-Phoenix

**Schedule** Full-time

**Req ID:** 20007543

American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, age, or any other status protected by law.

  Back to All Job Opportunities

Job Details


Employment Type

Full Time