Information Security Manager

Job Description

Work Location Options :

Hybrid

At American Express, our culture is built on a 175-year history of innovation, shared Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career.

Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.

How will you make an impact in this role?

The Regional Information Security Officer (RISO) organization is responsible for information security control enforcement, incident management, regulatory change, cybersecurity awareness, reporting, and enablement for American Express European legal entities.

Key Responsibilities Include :

• Supporting the interconnection between core enterprise technology risk and information security functions and American Express European legal entities.
• Deliver leadership reporting and risk metrics that demonstrate the effectiveness of the cybersecurity program to American Express European legal entities.
• Support regulatory audit and examinations for Info Sec and Tech functions, including close partnership with the Privacy Office, Compliance, General Counsel, CRO teams, and the broader Information Security organization.
• Support regulatory change management for topics such as DORA, Operational Resilience, and EU AI Act.
• Support cyber incident management processes.
• Assess the design and operating effectiveness of information security controls to protect Confidentiality, Availability, and Integrity of Information and Systems.
• Consult on EMEA Business & Technologies projects to ensure appropriate security protection.
• Operate as part of the extended Information Security team in support of all security and compliance initiatives.

Maintain EMEA reporting boundaries and operate relevant governance processes.

Minimum Qualifications :

• Excellent verbal and written communication skills, including the ability to translate technical concepts into clear business language.
• Proficiency in Italian and English.
• Proven ability to build relationships and work collaboratively in a complex matrix environment.
• Strong organization and planning skills.
• Ability to work independently as part of a geographically dispersed team.
• Knowledge of applicable information security standards and regulatory requirements.
• Keen attention to detail.
• 5+ years of experience in Information Security or Technology Risk Management.
• Experience working with audits and regulatory requirements in complex, regulated businesses.
• Broad understanding of information security disciplines.
• Experience in risk assessment and relevant methodologies, including quantitative risk management techniques.
• Security-related certifications are desirable.

We back you with benefits that support your holistic well-being so you can be and deliver your best. This includes caring for your and your loved ones' physical, financial, and mental health, as well as providing flexibility to thrive personally and professionally :

• Competitive base salaries
• Bonus incentives
• Support for financial well-being and retirement
• Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location)
• Flexible working model with hybrid, onsite, or virtual arrangements depending on role and business need
• Generous paid parental leave policies (depending on your location)
• Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
• Free and confidential counseling support through our Healthy Minds program
• Career development and training opportunities

Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.

Other Jobs You May Be Interested In

Information Security Manager

Sao Paulo, Brazil

Information Security Manager

Buenos Aires, Argentina

Information Security Manager

Gurugram, India

Manager - Information Security

New York, NY, USA

Information Security Manager

Tokyo, Japan

Sr Mgr-Tech Risk & Control (Data Governance)

New York, NY, USA

Senior Info Security Analyst

Gurugram, India

Senior Associate Cybersecurity Operations & Assurance

Gurgaon, India

Associate Privacy Control Framework

New York, USA

Slide 1 of 3

When you become part of our Talent Community, we'll keep you posted about future job opportunities that may be a match for you, as well as career-related events.