Information Security Manager-Lead Exercise Planner/Manager (REMOTE OR HYBRID)

Company: American Express
Location: Santa Fe
Posted on: January 23, 2023

Job Description:

**Description**With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities and each other. Here, you'll learn and grow as we help you create a career journey that's unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally.At American Express, you'll be recognized for your contributions, leadership, and impact-every colleague has the opportunity to share in the company's success. Together, we'll win as a team, striving to uphold our company values and powerful backing promise to provide the world's best customer experience every day. And we'll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong. Join Team Amex and let's lead the way together.**How will you make an impact in this role?**As part of our diverse tech team, you can architect, code and ship software that makes us an essential part of our customers' digital lives. Here, you can work alongside dedicated engineers in an open, supportive, inclusive environment where your voice is valued, and you make your own decisions on what tech to use to solve ambitious problems. Amex offers a range of opportunities to work with the latest technologies and encourages you to back the broader engineering community through open source. And because we understand the importance of keeping your skills relevant, we give you dedicated time to invest in your professional development. Find your place in technology on #TeamAmexJoin a dynamic program at American Express and be a significant contributor to our ongoing activities to help reduce cyber risks to the Company, the Financial Services sector and in the Information Security industry. Be an integral part of an innovative team that plans, develops, and delivers exercises simulating cyber security incidents to improve company-wide readiness for an actual cyber incident. American Express is a recognized leader in the Financial Services sector, and you will be influential in helping advance the Company's resilience and cyber risk management processes.**Job Responsibilities:**+ Responsible for planning, conducting, and coordinating the delivery of cyber exercises in conjunction with internal teams, vendor partners, as well as external private and public organizations.+ Manage the complete lifecycle of exercise products and ensure follow-through on identified improvement areas to measurably enhance cyber resiliency, ensure compliance with evolving regulatory requirements, and demonstrate program maturity.+ Help lead cross-functional project teams and work with internal and external business partners to determine and translate technical and business requirements into exercise solutions that help reduce cyber risks for American Express.+ Coordinate with global teams across the organization to plan and conduct market-specific cyber exercises.+ Manage project costs, resources, change requests, risks, and issues to ensure that maximum business benefit is maintained and provide regular project status updates to leadership.+ Respond to regulatory requests with relevant artifacts from cyber exercises to demonstrate compliance with appropriate global regulations.+ Help ensure that American Express teams are learning from relevant internal incidents and external events to support continually improving our risk posture for significant or crisis-level cybersecurity incidents.**Required Skills/Qualifications:**+ Excellent interpersonal abilities with strong written and oral communication skills appropriate for varied audience levels.+ Highly diligent and process-focused in managing key deliverables and multiple timelines with competing priorities.+ Experience with planning, conducting, and facilitating exercises that simulate cyber security events to help evaluate organizational communication, decision-making, and security incident response processes and capabilities.+ Previous IT and business work experience including working with teams in both individual contributor roles and team program management functions.+ Understands business goals and can reframe information security risk discussions in business terms.+ Experience with DHS's Homeland Security Exercise and Evaluation Program (HSEEP) and the ability to apply the principles to a cyber focused exercise program.+ Proven ability to deliver business value through successful risk reduction activities.+ Constructively engages business partners and professionally drives conversations to good decisions.+ Maintains a professional demeanor and can proficiently demonstrate industry and business knowledge to leadership, regulators, and peer firms.+ Demonstrated success in understanding technical details and communicating effectively to manage expectations and influence others.+ Experience working with technical teams such as security intelligence and security operations functions.+ Requires financial competence in terms of representing project financials, program budgets and vendor contracts.**Educational requirement:**+ Holds a Bachelor's or Master's Degree in Business, Computer Science, or other technical field, or has equivalent work experience successfully managing diverse technical teams in business settings**Additional Qualifications:**+ Experience conducting public events, coordinating logistics, marketing, and comfortable presenting in front of audiences+ Professional security certifications e.g., CISSP, CISM, CRISC, etc.+ Completion of the DHS Master Exercise Practitioner Program (MEPP)+ Certification preferences: PMI or equivalent Project Management certification e.g., Certified Associate in Project Management, Certified Project Management Practitioner, International Project Management Association+ Cyber Risk Management certifications, e.g., FAIR - Factor Analysis of Information Risk+ Incident Management training or certification, e.g., FEMA Emergency Management+ Experience working with cyber range environments, virtualized environments and learning management systems for cyber technical training+ Experience working with common Governance, Risk & Compliance tools, e.g., RSA Archer+ Experience configuring common content management systems, e.g., Confluence, SharePoint, OneDrive+ Experience working internationallyOpen to considering some candidates who may have less senior experience but possess some of the technical competence and soft skills outlined above to rapidly grow their knowledge and become a strong contributor.**Compliance Language**Salary Range: $110,000.00 to $190,000.00 annually bonus benefitsThe above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we'll consider your location, experience, and other job-related factors.American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.US Job Seekers/Employees - Click here to view the "EEO is the Law" poster and supplement and the Pay Transparency Policy Statement.If the links do not work, please copy and paste the following URLs in a new browser window: https://www.dol.gov/agencies/ofccp/posters to access the three posters.**Qualifications**Salary Range: $110,000.00 to $190,000.00 annually bonus benefitsThe above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we'll consider your location, experience, and other job-related factors.American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.US Job Seekers/Employees - Click here to view the "EEO is the Law" poster and supplement and the Pay Transparency Policy Statement.If the links do not work, please copy and paste the following URLs in a new browser window: https://www.dol.gov/agencies/ofccp/posters to access the three posters.**Job:** Operations**Primary Location:** United States**Schedule** Full-time**Req ID:** 22032005

Keywords: American Express, Santa Fe , Information Security Manager-Lead Exercise Planner/Manager (REMOTE OR HYBRID), Executive , Santa Fe, New Mexico