Information Security Manager - Technology Exam and Findings Management
Location: Phoenix
Posted on: June 23, 2025
Job Description:
At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.

Joining Amex Tech means discovering and shaping your contribution to something big. Here, you can work alongside talented tech teams and build a unique career with the Powerful Backing of American Express. With a range of opportunities to work with the latest technologies, and a commitment to back the broader engineering community through open source, our mission is to power your success. Because Amex Tech is powered by our technology, our culture, and our colleagues.

The Manager of
Technology Exam and Findings Management will be responsible for
managing Technology owned or impacted exams, audits, and reviews,
and supporting the tracking of open findings, Management Action
Plans (MAP), Matters Requiring Attention (MRA), and other
regulatory or audit actions across Technology. The successful
candidate will collaborate across lines of defense and
organizations to manage, track, and report on open actions from
audits, reviews, and/or exams to various stakeholders as well as
provide consultative services on drafting MSIFs and findings
remediation plans in collaboration with Technology SMEs. This
position will report into the Director of Technology Exam and
Findings Management of the Regional Information Security and Tech
Supervisory Engagement team within the Technology Risk &
Information Security (TRIS) organization.

Key responsibilities include:
• Manage American Express regulatory engagements, internal compliance audits, and external assessments for Technology programs, processes, and procedures.
• Respond to audit and examination requirements from both internal auditors and external examiners.
• Understand and be able to develop, implement, and follow-through on the lifecycle components of an MRA.
• Collaborate with Internal Audit Group, and 2nd line of defense partners to align data for reporting.
• Track and report status of open findings, MAPs, MRAs for Technology across the three lines of business.
• Provide understanding of results, findings, action plans, etc. to include plan activities, actions of coordination, priorities, steps, process, and timeline for monitoring.
• Create and maintain an accurate flow of audit and exam information including schedules, results, and statuses.

Minimum Qualifications:
• 5 years of Information Security or Technology Risk Management leadership experience.
• Bachelor’s degree.
• Experience working with Regulators and in complex regulated businesses.
• Experience developing and reporting on project metrics to provide for various levels of an organization.
• Leadership and team-building skills, with a consistent track record for successful delivery of projects.
• Understanding of information security regulatory landscape.

Preferred Qualifications:
• Security and risk certifications (risk and regulatory – CISA, CISM, CRISC).
• Strong in risk management. Ability to link threats to risk tolerance and control effectiveness measurements.
• Strong writing skills: the ability to frame messages for specific audiences and communicate information about complex issues to collaborators in a clear and easy to understand way.
• Experience in information security disciplines with emphasis on vulnerability management, data protection, infrastructure security, application security, identity and access, incident management and data analytics.
• Experience as an auditor in 2nd, 3rd, or regulatory spaces.
• Experience working with a diverse audience, under tight deadlines, and negotiating successful outcomes to challenging problems.
• Ability to work cross-functionally with Technology and Security teams.

Salary Range: $110,000.00 to $190,000.00 annually + bonus + benefits

The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we’ll consider your location, experience, and other job-related factors.

We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones’ physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally:
• Competitive base salaries
• Bonus incentives
• 6% Company Match on retirement savings plan
• Free financial coaching and financial well-being support
• Comprehensive medical, dental, vision, life insurance, and disability benefits
• Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
• 20 weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy
• Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
• Free and confidential counseling support through our Healthy Minds program
• Career development and training opportunities