Log In
Sign Up
Job DescriptionThe Enterprise Technology Services organization partners with every part of the American Express business to power the company’s growth and innovation with trust and efficiency, and drive competitive differentiation with speed. We support the delivery and operations of technology, digital, and data capabilities, platforms, and services globally. Specifically, our team is responsible for the company’s technology engineering, architecture, and infrastructure, providing 24×7 support to ensure an uninterrupted, high-quality experience for customers and colleagues. We also provide product management for core enterprise platforms, and lead technology risk and information security, enterprise data governance and platforms, digital product and design, and enterprise AI platforms on behalf of the company.As part of Cybersecurity Operations, you will serve within an organization responsible for front-line cyber defense of American Express. We prepare for, detect, and respond to cyber threats through intelligence-driven actions that strengthen resilience and employer AMEX to deliver the world’s most trusted customer experience.Specifically, you will join a global program at American Express and be a lead individual contributor to our ongoing activities to help reduce cyber risks to the Company, the Financial Services sector and in the Information Security industry. You will be an integral part of an innovative team that plans, develops, and delivers exercises simulating cyber security incidents to improve company-wide readiness for real-world incidents. American Express is a recognized leader in the Financial Services sector, and you will be influential in helping advance the Company’s resilience and cyber risk management processes.ResponsibilitiesPlan and deliver multiple cyber exercises in conjunction with internal teams, vendor partners, and external organizations as applicable. Develop and maintain an annual cyber exercise roadmap aligned to enterprise risks, regulatory expectations, and control testing needs. Manage the complete lifecycle of exercise products and drive continuous improvement through formal after-action reports (AARs), remediation tracking, executive readouts, end-of-year planning, and strategic roadmaps. Lead cross-functional project teams and work with internal and external business partners to determine and translate technical and business requirements into exercise solutions that help reduce cyber risks for American Express and it’s partners. Coordinate with global teams across the organization to plan and conduct market-specific cyber exercises including crisis incident management teams at the tactical, senior executive, and board levels. Familiar with global regulatory requirements for this capability and respond to regulatory requests with relevant artifacts from cyber exercises to demonstrate compliance. Driving continuous improvement through automation, process improvement, and employing a forward-thinking lens for the future. QualificationsExcellent interpersonal abilities with strong written and oral communication skills appropriate for varied audience levels.Highly diligent and process-focused in managing key deliverables and multiple timelines with competing priorities. Experience with planning, conducting, and facilitating exercises that simulate business continuity and cyber security events to help evaluate organizational communication, decision-making, and security incident response processes and capabilities. Strong familiarity with SOC workflows, incident response phases, ransomware response, cloud/SaaS dependencies, and disaster recovery.Can reframe information security risk in business ROI terms. Experience with DHS’s Homeland Security Exercise and Evaluation Program (HSEEP) and the ability to apply the principles to a cyber-focused exercise program. A passion for professional development and maturing the overall program in conjunction with industry best practices and regulatory guidance.A keen eye to drive continuous improvement not only within the program but also enterprise wide in conjunction with second and third lines of defense.Assist in maturing program KPIs into measurable business outcomes that exceed industry best practices.Brief or assist in briefing senior executives on exercise outcomes, top themes, and recommended investments while driving ownership on ownership and timelines.Educational RequirementHolds a bachelor’s degree or has equivalent work experience.Preferred QualificationsPrior exercise experience at a financial institution or other organization within a highly regulated environment.Familiar with the Homeland Security Exercise and Evaluation Planning course (US FEMA), UK equivalent JESIP, or the UK government’s “Exercise in a Box.”Knowledge of the NICE Workforce Framework and MITRE ATTACK.Prior experience with FS-ISAC, CISA, FSSCC, and other organizations.Experience using artificial intelligence in large language models to build realistic scenarios.Technical experience including cyber incident response, process improvement, and digital automation.Cyber Risk Management certifications including CISSP, CISM, FAIR, etc.Experience working with cyber range environments, virtualized environments and learning management systems for cyber technical training.Employment eligibility to work with American Express in the UK is required as the company will not pursue visa sponsorship for these positions.About UsAt American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. From delivering differentiated products to providing world-class customer service, we operate with a strong risk mindset, ensuring we continue to uphold our brand promise of trust, security, and service.As part of Team Amex, you’ll experience our powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.About The TeamWe back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones’ physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally:Competitive base salariesBonus incentivesSupport for financial-well-being and retirementComprehensive medical, dental, vision, life insurance, and disability benefits (depending on location)Flexible working model with hybrid, onsite or virtual arrangements depending on role and business needGenerous paid parental leave policies (depending on your location)Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)Free and confidential counseling support through our Healthy Minds programCareer development and training opportunitiesOffer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.
