Information Security Analyst-Third Party Security

$85,000 - $150,000/Yr

American Express - Phoenix, AZ

posted 13 days ago

Full-time - Mid Level
Phoenix, AZ
Credit Intermediation and Related Activities

About the position

The Information Security Analyst for Third Party Security at American Express is responsible for managing and reducing cyber risk associated with third-party vendors. This role involves developing reporting frameworks, evaluating third-party adherence to security programs, and advising leadership on cyber risk related to external partners. The analyst will work within a diverse tech team to enhance the organization's cyber health and ensure compliance with security standards.

Responsibilities

  • Support an evolving reporting framework and generate metrics on third-party cyber risk.
  • Deliver meaningful reports to leadership across business units and risk management committees.
  • Evaluate third-party adherence to security programs and identify opportunities for alignment with risk appetite.
  • Develop training materials, process flows, and communication plans to support program execution.
  • Create materials for executive audiences to communicate program status and risks.
  • Identify and drive opportunities for maturing the third-party cyber risk program.
  • Support the evolution of key risk metrics to evaluate third-party cyber health.
  • Manage Third-Party Security products including data management and validation support.
  • Advise leadership and business partners on technical cyber risk as it relates to third parties.

Requirements

  • Demonstrated ability to analyze datasets and produce metrics and standardized reporting.
  • Knowledge of cyber security threats, risks, and vulnerabilities.
  • Experience in driving complex, large-scale change efforts within matrix organizations.
  • Strong attention to detail and problem-solving skills.
  • Excellent verbal and written communication skills, with the ability to convey security concepts to diverse audiences.

Nice-to-haves

  • Experience with Cyber Attack Surface Management solutions like BitSight and Security Scorecard.
  • Familiarity with industry standard control frameworks and regulatory requirements such as ISO27001, NIST CSF, and OWASP Top 10.

Benefits

  • Competitive base salaries
  • Bonus incentives
  • 6% Company Match on retirement savings plan
  • Free financial coaching and financial well-being support
  • Comprehensive medical, dental, vision, life insurance, and disability benefits
  • Flexible working model with hybrid, onsite or virtual arrangements
  • 20+ weeks paid parental leave for all parents
  • Free access to global on-site wellness centers
  • Free and confidential counseling support through Healthy Minds program
  • Career development and training opportunities

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service