American Express Information Security Analyst- PenTesting in Phoenix, Arizona
Information Security is one of the most exciting and challenging professions in the world – especially at American Express! American Express is committed to building a strong Cyber Security team to support our world-class organization. This group is nimble and creative with the power to shape our technology and product roadmap. You will be part of a fast-paced, ‘on demand’ team responsible for delivering and performing Penetration Testing. You will be challenged with delivering thorough testing and following through to resolution. Today, as cyber-attacks increase and compliance is more rigorously enforced, we look to stay ahead of what’s next and to protect our business and our future
Provide scanning and testing for new or modified systems as part of the SDLC
Conduct remediation validation, and vulnerability assessments on a wide variety of technologies and implementations utilizing:
o manual and automated tools techniques
o web application penetration testing
o backend server and infrastructure testing
o network penetration tests
Utilize a variety of vulnerability assessment and penetration testing tools and documented processes to ensure consistency and optimization of information security processes; work in support of efforts to measure and improve information security processes
Effectively communicate successes and obstacles with fellow team members and leaders
Ethically operate with appreciable latitude in developing methodologies
Prepare materials (reports, presentations, spreadsheets, etc) detailing assessment findings and recommendations on information security to help develop scenarios, response procedures, and to enable informed decision making; verify completeness, accuracy and relevance of data gathered
Provide consulting service to internal technology and business partners
Collaborate with internal and external auditors and regulatory examiners to ensure compliance within the program
3 years in the IT profession
Experience/understanding of security principles, policies and industry best practices
Demonstrable experience with common network vulnerability assessment techniques and tools
Demonstrable experience with application security assessment techniques and tools
Be able to describe and manually perform vulnerabilities such as SQL injection, Server Side Request Forgery, etc.
Familiarity with common penetration testing methodologies such as the OSSTMM, OWASP Testing Guide and the PTES
Knowledge in technology infrastructure security, networking, databases, systems and/or Web
Exceptional communication skills
Demonstrated ability to deliver on time and on budget
At the core of Information Security Management.
Every member of our team must be able to demonstrate the following technical, functional, leadership and business core competencies, including:
Business Process Improvement
Business Risk Management
Coaching and Mentoring
Business Case Development
Industry and Company Knowledge
Why American Express
Talk to our people and you’ll find out what we’re really all about. Open, creative, risk-taking, collaborative and innovative are just some of the expressions you’ll hear. It’s our culture that makes American Express an outstanding place to work, and a big part of why we regularly win best workplace awards all over the world. If you’re ready to take on a challenge and make an impact, you owe it to yourself to launch or grow your career here.
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other status protected by law.
Title: Information Security Analyst- PenTesting
Other Locations: United States
Requisition ID: 18003629