Sr Info Security Analyst - Insider Threat - American Express Company, Phoenix, AZ, USA

Listing Description

Please Apply: https://jobs.americanexpress.com/jobs/18008909?lang=en-us

Job Description

It’s more than protecting systems and data.

It’s protecting people.

Our Information Security Managers know that security is a top priority for our business and our partners and customers. Today, as cyber-attacks increase and compliance is more rigorously enforced, we look to them to stay ahead of what’s next and to protect our business and our future. So if you are dedicated to the latest technology and motivating others, secure your career here.

You won’t just see the problem coming, you’ll see the solution.

New threats to our business, our partners and customers appear on the horizon every day, so no two days are the same. But there are some things you can count on doing:

Providing guidance on information security processes, controls, and compliance, and information security risk management to team members

Encouraging employee contribution, such as feedback, career development planning, and goal setting.

Developing plans and strategies for information security tools, processes, and programs

Responding to changes in the regulatory environment and assisting other organizations in doing the same.

Making strategic recommendations to enhance information security, including processes, procedures, governance approaches, and compliance.

Qualifications

American Express’s Insider Threat Team works in collaboration with other information security teams to monitor User and Entity behaviors in order to protect American Express and our customers. We are responsible for identifying, investigating, and reporting anomalous and suspicious internal activity. Once an investigation has been performed we work with the other information security teams to prevent future incidents, improve the speed of detection, and reduce the time required to perform a thorough investigation.

Has a working knowledge of the following tools:

HIPS

Web Proxy

Open Source Intelligence

Memory Analysis

Syslog from servers and network devices

DHCP, AD, 802.1x, NAT, and VPN logs

Passive DNS

SIEM/Log Management systems

EnCase/FTK/MantaRay/Axiom

A successful candidate is one who can demonstrate a history of:

6 years' experience working in cyber investigations, computer forensics, financial fraud investigations and/or other IT-related fields tied to information security

Perform event analysis to determine risks and make recommendations

Lead and mentor technical team on security incident response activities

Is actively engaged in and contributing to the Information Security industry and best practices (e.g. understands industry best practices in security operations; participates in local networking with other InfoSec professionals; stays current on industry trends)

Produces quality documentation/investigation reports (e.g. document design, workflow improvement, standard operational procedures, development of incident playbook)

Coordinates with other team members/teams to resolve issues encountered during investigations

Communicates status of investigations (e.g. report on progress against technical plan; timely escalation of issues and risks; ability to explain technical solutions to a non-technical audience)

Self-motivated to creatively find and investigate a wide range of system events

Expert knowledge of the Linux and Windows platforms

Demonstrate (via work experience) the ability to follow frameworks to ensure comprehensive investigations

Ability to creatively solve complex problems

Experience with programming/scripting languages (Python, Lua, Perl)

Experience working under pressure

Willing to work off-hours as situations may arise

Preferred Certifications:

CISSM

CISSP

GCFA

GCFE

EnCE

CFSR

ReqID: 18008909

Schedule (Full-Time/Part-Time): Full-time


Listing Details

  • Citizenship: No Requirements
  • Incentives: Bonus
  • Education: No Requirements
  • Travel: No Travel
  • Telework: No Telecommute


