Manager, Information Security-STAR

Amex GBT is a place where colleagues find inspiration in travel as a force for good and – through their work – can make an impact on our industry. We're here to help our colleagues achieve success and offer an inclusive and collaborative culture where your voice is valued.

The Manager, Information Security- STAR role is a unique, multi-faceted function whose objective is to drive the completion of GBT information security onboarding assessments as well as Information Protection Contract Requirements. This role is both internal client and external Vendor facing. The Information Security Manager's responsibilities include:

Responsibilities:

• Oversee and conduct Security and Technical Architecture Review (STAR) process for new and existing third parties and partners at the project level (onboarding)
• Serve as a subject matter expert, meet with third party vendors and internal staff to explain and set expectations around the STAR risk management process and timelines
• Conduct preliminary assessment to identify and communicate potential risks of proposed vendor products/services to all Amex GBT stakeholders
• Schedule and participate/perform periodic review and assessment of vendor adherence to Amex GBT standards
• Work with the Amex GBT GRC tool to manage third party vendor review workflow
• Work with third party, the Amex GBT project team and standard owners to ensure that identified risks are addressed in the Risk Management Plan (RMP)
• Decommissioning vendors as part of STAR review process (offboarding)
• Work closely with other internal Information Security peer groups to provide a holistic information security posture for the organization
• Participate in contract discussions, reviewing technical terms and process descriptions contained in the contract verbiage
• Produce reports and dashboards of tracked items for the STAR team (RMPs, vendor review scheduling, etc.) as required

Knowledge/Expertise:

• Ability to interact with all levels of management
• Knowledge of Travel Industry and related travel products helpful
• Bachelor's degree in Business, Information Technology, or equivalent combination of education and industry certifications
• CISM, CISA, CISSP certifications (or equivalent experience) preferred
• Minimum of 6+ years of experience in IT, with at least 3 years of hands-on experience in information security compliance; financial industry experience is a plus
• Technical architecture skills to understand, evaluate, and assess technical proposals from vendors in STAR documentation submissions
• Support audit oversight activities as needed
• Strong communication skills to interface with external partners and others
• Experience with managing third party vendors in a GRC portfolio
• Ability to work autonomously while managing a wide portfolio of vendor reviews
• Sound interpersonal, organizational, and leadership skills; sound business judgment, and proven expertise in directing the efforts of a technical staff
• Ability to work under deadline pressure, multiple priorities and maintain positive attitude
• Professional communication skills in English (Verbal & Written)

Location

Click here to learn more about the benefits we offer in Mexico.

The #TeamGBT Experience

Work and life: Find your happy medium at Amex GBT.

• Flexible benefits are tailored to each country and start the day you do. These include health and welfare insurance plans, retirement programs, parental leave, adoption assistance, and wellbeing resources to support you and your immediate family.

• Travel perks: get a choice of deals each week from major travel providers on everything from flights to hotels to cruises and car rentals.

• Develop the skills you want when the time is right for you, with access to over 20,000 courses on our learning platform, leadership courses, and new job openings available to internal candidates first.

• We strive to champion Inclusion in every aspect of our business at Amex GBT. You can connect with colleagues through our global INclusion Groups, centered around common identities or initiatives, to discuss challenges, obstacles, achievements, and drive company awareness and action.

• And much more

All applicants will receive equal consideration for employment without regard to age, sex, gender (and characteristics related to sex and gender), pregnancy (and related medical conditions), race, color, citizenship, religion, disability, or any other class or characteristic protected by law.

Click Here for Additional Disclosures in Accordance with the LA County Fair Chance Ordinance.

Furthermore, we are committed to providing reasonable accommodation to qualified individuals with disabilities. Please let your recruiter know if you need an accommodation at any point during the hiring process. For details regarding how we protect your data, please consult the Amex GBT Recruitment Privacy Statement.

What if I don't meet every requirement? If you're passionate about our mission and believe you'd be a phenomenal addition to our team, don't worry about "checking every box;" please apply anyway. You may be exactly the person we're looking for