Job Description

:You Lead the Way. Weve Got Your Back.With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities and each other. Here, youll learn and grow as we help you create a career journey thats unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally.At American Express, youll be recognized for your contributions, leadership, and impact every colleague has the opportunity to share in the companys success. Together, well win as a team, striving to uphold our and powerful backing promise to provide the worlds best customer experience every day. And well do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong.Join Team Amex and let's lead the way together.The Director - Information Security will be responsible for information security control enforcement, cybersecurity awareness, reporting, and enablement for the American Express Banking Corp. (AEBC). This role will lead the expansion of a first-line Bank Information Security program, manage Information Security risks unique to the Bank and ensure compliance with all policy and regulatory obligations and affiliate oversight. Additionally, this position will work closely with the Regional Information Security Office (RISO) and in-market Bank and Business leadership team to connect security best practices in the context of market strategy to form a Bank-specific perspective on risk and compliance.This role will report to the Vice President, Regional Information Security & Tech Supervisory Engagement and will work closely with the AEBC Information Security Office.Key responsibilities include:

• Partner with Information Technology Risk Management on information risk assessment and reporting related to AEBC.
• Consult on projects to ensure appropriate security protection is delivered as part of any solution.
• Support and manage the audit and examination requirements from RISO function, including close partnership with the Privacy Office, Compliance, General Council, and the broader Information Security organization, Operational excellence, and regulators.
• Operate as part of the extended Information Security leadership team in support of all security and compliance initiatives.
• Manage the interconnection of core information security functions, Regional Information Security office and American Express Bank Corp (AEBC).
• Contribute to the first line information security risk management and reporting in partnership with the Risk organizations within American Express Bank Corp.
• Establish and manage framework of governance on information security controls in complex outsourced environment.
• Liaise with 3rd party risk team, ensuring vendors establish and effectively accommodate American Express standards and needed specifications.
• Draft RFP and contractual requirement for new 3rd party engagement for AEBC.
• Participate in on-going vendor compliance engagements from an information security perspective.
• Address intensified vendor issues on behalf of Information Security team.
• Deliver leadership reporting and risk metrics that demonstrate the effectiveness of vendors cybersecurity programs.
• Participate and lead vendor-specific regulatory change implementation.
• Actively contribute to the American Express Banking Corp 3rd party related Information Security Risk Working Group and management of the inherent and residual cybersecurity risk profile of the bank.
• Participate and present 3rd party related risks in America Express Banking Corp. committee structure.

Required Skills:

• 13+ years of Information Security or Technology Risk Management leadership experience.
• 5+ years of experience working with regulators and in complex regulated businesses.
• Previous board or committee presentation experience.
• Solid written and oral presentation skills are required.
• Understanding of regulatory requirements across India Market.
• Broad understanding of information security disciplines with emphasis on vulnerability management, data protection, infrastructure security, application security, identity and access, incident management, cloud, and data analytics.
• Experience with India Data Localization and PCI requirements.
• Strong risk management acumen with the ability to link threats to risk tolerance and control effectiveness measurements.
• Commensurate academic credentials (bachelors degree / Masters Degree Preferred) and security certifications.
• Previous people leadership experience is strongly preferred.

Leadership Characteristics:

• The successful candidate for this position must be a proven leader with a track record of building and developing high performing teams with the ability to manage a large staff group including contractors and vendor partners. Will champion teams to deliver exceptional results.
• Demonstrated analytical thinking, problem solving, and adaptive communication.
• Adapts to change quickly and easily while thriving in an Agile environment.
• Candidate will have excellent written and verbal communication skills, and the ability to interact with colleagues and leaders across the organization. Executive presence to lead discussions, drive innovation, and manage priorities within a fast-paced environment.
• Strong relationship competencies, demonstrated ability to collaborate, influence and manage through conflict, and develop relationships to achieve successful outcomes with multiple band levels.
• Entrepreneurial thinker & problem solver, able to see implications beyond individual business units and markets.
• Proven ability in extending and maintaining strong relationships in a complex multi-national corporation. Ability to translate technical cyber security concepts to non-technical business leaders.
• Effective organizational skills (including attention to detail) along with the ability to collaborate and influence in a matrix environment.

We back our colleagues and their loved ones with benefits and programs that support their holistic well-being. That means we prioritize their physical, financial, and mental health through each stage of life. Benefits include:

• Competitive base salaries
• Bonus incentives
• Support for financial-well-being and retirement
• Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location)
• Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
• Generous paid parental leave policies (depending on your location)
• Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
• Free and confidential counseling support through our Healthy Minds program
• Career development and training opportunities

American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.

American Express