Remote Information Security Manager - American Express

Join our dynamic team and take your career to the next level! We are seeking a highly skilled and experienced Information Security Manager to join our Global Risk and Compliance (GRC) team. As a key member of our second-line technology risk management team, you will play a critical role in overseeing and managing risks to ensure our organization operates in a secure and compliant manner.

As an Information Security Manager, you will be responsible for independently evaluating and reporting risks, providing a comprehensive view of total risks, and collaborating with key stakeholders across lines of business and lines of defense to ensure effective risk management. You will also lead data-driven audits, perform exploratory data analysis, and develop key risk indicators and performance metrics to provide insights into risk and performance trends.

About the Role:

• Full-time remote position with a competitive salary of $28/hour
• 8 hours of work per day, with a comprehensive benefits package
• Location: New York, USA (remote work arrangement)
• Industry: Private
• Employment Type: Full-time

Key Responsibilities:

• Conduct independent, proactive risk management and oversight of technology, cybersecurity, and business continuity management risks
• Perform data-driven audits focused on technology processes, cybersecurity controls, and business continuity management risks
• Lead exploratory data analysis on large datasets using SQL, Python, and Excel to develop significant insights into cybersecurity and technology-related data
• Develop and enhance data-driven key risk indicators and key performance indicators that provide real-time insights into risk and performance trends
• Stay up-to-date with relevant regulations, guidelines, and industry standards

Requirements:

• 5+ years of experience in risk management across any of the three lines of defense
• Proven ability to identify risks, analyze issues, and determine significant insights about risk trends by conducting interviews and analyzing large volumes of data
• Solid knowledge of system, cloud security, cyber intelligence, and cyber incident response areas
• Excellent analytical skills with high attention to detail and accuracy
• Solid knowledge of at least one of the data mining/large data analytical tools (e.g., Microsoft Excel: Pivot Tables, SQL, SAS, Python, R)
• Strong decisive thinking and problem-solving abilities
• Required self-starter who can work with minimal supervision
• Excellent verbal, written, and interpersonal skills

Preferred Qualifications:

• Education background: Computer Science or Information Systems
• Experience in risk management across cybersecurity, information technology, third-party, business continuity management
• Industry certifications (e.g., CISM, CISA, CRISC, CISSP)
• Cloud security certifications (e.g., CCSK, CompTIA Cloud+, CCSP, Azure Security, etc.)
• Understanding of risk assessment methodologies, frameworks, and industry standards (e.g., COSO, COBIT, ISO 27001, FAIR, or NIST RMF)
• Knowledge of significant policies and regulations (e.g., OCC Enhanced Standards, FFIEC IT booklets)
• Experience with Governance, Risk, and Compliance (GRC) tools (e.g., Archer Apply Job)

Join Our Team!

This is a fantastic opportunity to grow your career. If you have the skills and passion we're looking for, please submit your application today.