Manager of Information Security for Mergers and Acquisitions - American Express : Job Details

At Amex GBT, we believe that travel can be a catalyst for positive change, and we are dedicated to creating an environment where every team member can thrive and contribute meaningfully to our industry. We are seeking a dynamic and enthusiastic Manager of Information Security who will lead our efforts in Mergers and Acquisitions, enhancing our brand protection while promoting growth through effective information security strategies.

In this crucial role, you will be the driving force behind building and leading an information security team focused exclusively on M&A. You will work closely with senior leadership, integration teams, and technical experts to ensure our security initiatives align with business objectives while managing potential risks during acquisitions.

Your Key Responsibilities:

• Oversee and coordinate all security integration activities related to M&A, ensuring clear communication with stakeholders and prompt resolution of any issues to maintain smooth daily operations.
• Standardize and enhance current due diligence and security integration practices in collaboration with the Information Security team, enabling thorough assessments of target organizations' security strengths and weaknesses.
• Conduct comprehensive acquisition risk assessments, considering factors such as data types, regulatory obligations, organizational size, technology usage, and security posture.
• Develop solutions that align business needs with stringent information and cyber security requirements.
• Evaluate business imperatives against security risks and propose necessary enhancements to improve our information systems security.

What We Value:

• A Bachelor's degree in Information Security, Risk Management, or a related discipline (or equivalent experience).
• A minimum of 7 years of expertise in Governance, Risk, and Compliance (GRC) within a cybersecurity framework.
• Comprehensive knowledge of cybersecurity standards (NIST, ISO 27001, SOC 2, GDPR, PCI DSS) and related regulatory compliance.
• Experience in risk management processes, including conducting risk assessments, creating mitigation strategies, and monitoring effectiveness.
• Capability to perform routine testing and internal control evaluations.
• Strong analytical skills to detect control weaknesses and assess remediation efforts.
• Familiarity with security technologies and tools, including SIEM, firewalls, vulnerability management, and identity management systems.
• Exceptional communication skills, with the ability to clearly convey findings to various stakeholders.

Work Environment and Benefits:

The position is based in the United States, with a national annual base salary range from $70,000 to $140,000, depending on experience and role complexity. Beyond salary, you will be eligible for our Annual Incentive Award plan that rewards contributions to company and individual success. Our comprehensive benefits program includes health plans, retirement options, parental leave, and a robust wellness support system.

The #TeamGBT Experience:

• Enjoy flexible benefits tailored to your needs right from day one, including health insurance, retirement programs, parental leave, and resources for family wellness.
• Take advantage of exclusive travel perks with special deals from major suppliers, enhancing your travel experience.
• Develop new skills at your pace with access to over 20,000 courses and leadership training offered through our learning platform.
• Engage in our commitment to champion Inclusion at Amex GBT, connecting with colleagues through various Inclusion Groups aimed at promoting awareness and support.
• And so much more!

We welcome applicants from all backgrounds and are committed to providing equal opportunities regardless of age, gender, race, disability, or any other protected status. If you are passionate about our mission, we strongly encourage you to apply, even if you do not meet all listed requirements. Join us in making a meaningful impact!