American Express Information SecuritySpecialist in Phoenix, Arizona
The successful candidate will participate on the team of IT security professionals to architect, engineer, and support multiple security solutions for the enterprise, including work flow tool development relative to incident response, and data feeds. The candidate will be responsible for ensuring security solutions are appropriately developed and used in the environment, identifying areas of risk, and creating solutions or controls to mitigate the risk. The candidate should be familiar with common workflow tools and eGRC tools used in Information Security, API integrations, and a number of development languages.
Responsible for developing and supporting multiple eGRC or Information Security workflow solutions
Responsible for leveraging Rest and Soap APIs to move data between security tools and the developed workflow solutions.
Responsible for troubleshooting issues that may arise whether at the Application or Operating System level of the workflow tools
Responsible for data migrations between legacy tools and new solutions being developed
Responsible for working initiatives across multiple business and technical environments, covering a wide range of business/technical functions, i.e. workflow automation, incident response, data feeds, service continuity, regulatory management, IT risk governance, vendor management, Identity and Access Management , project management, incident management, information security, vulnerability management, forensics, web security, etc.
May participate as subject matter expert or act as project manager for one large, complex or multiple moderately complex initiatives
Manages the development and delivery of standards, best practices, and architecture and system oversight programs to ensure effective controls across the enterprise
Develop, plan and implement strategies that improve the overall maturity of our IT risk, governance and compliance processes, programs and/or skills
Performs monitoring of events and security incidents and recommends solutions
Works with technology and business partners across business functions/processes to ensure alignment, understanding and ongoing communication on security controls, IT risk management and regulatory/compliance requirements
10 years of years of IT experience in development, testing and supporting critical enterprise applications
5 years of RSA Archer suite especially on Security Operations, Data Loss Prevention, Asset Management, Vulnerability Risk Management, Threat Management, Policy and Audit Management solutions
Certifications such as RSA Archer Certified Security Professional and Oracle Certified Java Professional strongly recommended
Other Professional certification preferred (e.g. CISA, CISSP, CISM, CPCB, etc.)
Must have experience with application development using workflow automation tools in an information security environment
Software development techniques and methodologies required
Fluency in software development and scripting languages preferred such as Java, .Net, Python, PowerShell, Perl, etc.
Experience with IT risk management and process improvement
Experience working with internal and external auditors, and regulatory examiners
Highly developed communication skills
Excellent time management skills; ability to prioritize and multi-task
Demonstrated ability to deliver on time and on budget
Bachelor's degree in Computer Science, Technology, or Information Systems required
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.
Title: Information SecuritySpecialist
Requisition ID: 18003668