Information Security Specialist - Third Party Risk Oversight
United States - Virtual Location
Amex GBT is a place where colleagues find inspiration in travel as a force for good and – through their work – can make an impact on our industry. We’re here to help our colleagues achieve success and offer an inclusive and collaborative culture where your voice is valued.
Ready to explore a career path? Start your journey.
Positioned at the intersection of commerce and travel, American Express Global Business Travel offers its customers a comprehensive network, service dependability, and deep insight to help move people and businesses forward. American Express Global Business Travel (GBT) provides leading travel solutions, integrated consulting services, proprietary research, and end-to-end meetings and events capabilities. These innovative offerings enable customers to optimize the return on their travel and meetings investments. Learn more at www.americanexpress.com/businesstravel.
American Express Global Business Travel is part of one of the world’s largest travel agency networks with locations in 139 countries worldwide.
The Information Security Specialist - Third Party Risk Oversight role is a unique, wide-ranging function whose objective is to conduct risk assessments of identified information systems and third parties using strong policy and process knowledge, as well as drive closure of identified gaps. The Information Security Specialist’s responsibilities include:
- Continually work to improve the program in alignment with compliance, industry and regulatory risks and requirements.
- Evaluate the security, reliability, and integrity of information systems and third parties that support American Express Global Business Travel.
- Deploy and conduct vendor assessments, collect evidence, build work-papers and report findings.
- Coordinate, implement, and supervise remediation response actions, including appropriate issues.
- Ability to perform assignments independently with limited guidance regarding expected results.
- Find opportunities for program and process improvements.
- Other related tasks as needed.
- Demonstrate knowledge of risk assessment concepts and auditing methodologies and approaches.
- Demonstrate an understanding of industry standards (e.g. NIST 800-53, ISO 2700x series, SOX, COBIT and similar industry recognized standards and regulations).
- Hands-on experience conducting vendor assessments, documenting findings and reporting on identified issues.
- Sound interpersonal, organizational, and leadership skills; sound business judgment, and proven expertise in leading efforts to support program requirements, as well as practical execution on projects.
- Flexibility when working with change in direction and variables.
- Good interpersonal skills, both written and verbal.
- Ability to work under stress, manage multiple priorities, and maintain a positive demeanor.
- Minimum of 3-6 years of experience in IT, with at least 2 years of hands-on experience in third party assessment and information security risk; travel industry experience is a plus.
- Bachelor’s degree or equivalent experience in Business, Information Technology, or combination of education and industry certifications (CISSP or CISA preferred).
The US national annual base salary range for this position is from $70,000 to $140,000. The national range provided includes the base salary that GBT expects to pay for the role. Actual base salary will be based on factors including the scope and complexity of the role and the successful candidate’s relevant experience, skills, knowledge, and work location.
In addition to base salary, this role is eligible for our Annual Incentive Award plan, which rewards participants based on company and individual performance. For information about our comprehensive US benefits programs and eligibility, please review our Benefits-at-a-Glance document.
The #TeamGBT Experience
Work and life: Find your happy medium at Amex GBT.
Flexible benefits are tailored to each country and start the day you do. These include health and welfare insurance plans, retirement programs, parental leave, adoption assistance, and more.
Travel perks: get a choice of deals each week from major travel providers on everything from flights to hotels to cruises and car rentals.
Develop the skills you want when the time is right for you, with global tuition assistance, access to over 20,000 courses on our learning platform, leadership courses, and new job openings available to internal candidates first.
We strive to champion Diversity, Equity, and Inclusion in every aspect of our business at GBT. You can connect with colleagues through our global Inclusion Groups, centered around common identities or initiatives, to discuss challenges, obstacles, achievements, and drive company awareness and action.
Wellbeing resources to support mental and emotional health for you and your immediate family.
And much more!
All qualified applicants will receive equal consideration for employment without regard to age, gender identity (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, race, color, religion, creed, national origin, disability, veteran status, citizenship or marital status. It is our policy to maintain an equal-opportunity environment free from intimidation, harassment or bias for our candidates, colleagues, clients and suppliers.
We are committed to providing reasonable accommodation to individuals with disabilities. Please, let your recruiter know if you need an accommodation at any point during the hiring process. For more details, please consult GBT Recruitment Privacy Statement.
What if I don’t meet every requirement? If you’re passionate about our mission and believe you’d be a phenomenal addition to our team, don’t worry about “checking every box”; please apply anyway. You may be exactly the person we’re looking for!