Mgr-Tech Risk & Control

Description

At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career.

Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.

Joining Amex Tech means discovering and shaping your contribution to something big. Here, you can work alongside talented tech teams and build a unique career with the Powerful Backing of American Express. With a range of opportunities to work with the latest technologies, and a commitment to back the broader engineering community through open source, our mission is to power your success. Because Amex Tech is powered by our technology, our culture, and our colleagues.

How will you make an impact in this role?

Responsibilities

As a Manager, Technology Risk & Control in the Technology Resilience team you will be responsible for identifying, assessing, and mitigating risks associated with the firm's technology infrastructure and operations. This includes developing risk management strategies, implementing controls, and ensuring compliance with regulatory requirements to protect the organization's assets and data.

• Oversees the management and integration of several projects simultaneously, adjusting scope, timing, and budgets to efficiently utilize resources and adhere to program timelines and budgets
• Directs and oversees risk assessments to determine the residual risk within the organization's technology environments, ensuring all areas are evaluated for non-compliance
• Manages the identification and evaluation of controls and adherence to controls, ensuring effective implementation and reporting
• Oversees the development and implementation of strategic mitigation strategies to address identified risks, ensuring robust protection of the organization's technology infrastructure
• Oversees continuous monitoring of technology environments to detect, analyze, and respond to emerging threats in real-time, utilizing advanced threat detection tools and techniques to ensure prompt and effective incident response
• Provides a balanced approach to risk-taking, ensuring alignment with the organization's overall risk appetite and compliance standards, while adhering to regulatory requirements and industry best practices
• Supervises the development and maintenance of comprehensive risk management frameworks and documentation, ensuring that all risk management activities are standardized, documented, and consistently applied across the organization
• Prepares and presents detailed risk management reports and documentation to senior leadership and stakeholders, providing clear and accurate records of risk assessments, mitigation actions, and compliance status

Education/Knowledge

• Bachelor's Degree in Computer Science, Information Systems, Cybersecurity, and/or comparable experience
• Advanced knowledge of global technology standards and applicable regulations
• Advanced knowledge of technology control domains such as Identity & Access Management, Security Architectures, Security Governance & Operations, IT General Controls, Security Testing, and Cloud Security
• Proficiency in enterprise risk management with an emphasis on operational risk management and technology risk

Work Experience

• Experience in technology risk & control and information security
• Experience in risk assessment methodologies and advanced mitigation strategies
• Experience in processing regulatory requirements and compliance standards in the technology sector
• Experience with Compliance Management and Risk Assessment tools such as ServiceNow GRC, SAP GRC, LogicGate, RSA Archer, MetricStream, RiskWatch
• Experience with Data Visualization and Reporting tools such as Tableau, PowerBI
• Experience with documentation tools, such as VISIO or ACE Studio

We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally:

• Competitive base salaries 
• Bonus incentives 
• Support for financial-well-being and retirement 
• Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location) 
• Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need 
• Generous paid parental leave policies (depending on your location) 
• Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) 
• Free and confidential counseling support through our Healthy Minds program 
• Career development and training opportunities

American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.  

Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.