Information Security Specialist- Third Party Risk Oversight

United States - Virtual Location

American Express Global Business Travel

View company page

Amex GBT is a place where colleagues find inspiration in travel as a force for good and – through their work – can make an impact on our industry. We’re here to help our colleagues achieve success and offer an inclusive and collaborative culture where your voice is valued.


Ready to explore a career path? Start your journey.

Information Security Specialist- Third Party Risk Oversight

Positioned at the intersection of commerce and travel, American Express Global Business Travel offers its customers a comprehensive network, service dependability, and deep insight to help move people and businesses forward. American Express Global Business Travel (GBT) provides leading travel solutions, integrated consulting services, proprietary research, and end-to-end meetings and events capabilities. These innovative offerings enable customers to optimize the return on their travel and meetings investments. Learn more at

American Express Global Business Travel is part of one of the world’s largest travel agency networks with locations in 139 countries worldwide.

The Information Security Specialist - Third Party Risk Oversight role is a unique, wide-ranging function whose objective is to conduct risk assessments of identified information systems and third parties using strong policy and process knowledge, as well as drive closure of identified gaps.  The Information Security Specialist’s responsibilities include:


  • Continually work to improve the program in alignment with compliance, industry and regulatory risks and requirements.
  • Evaluate the security, reliability, and integrity of information systems and third parties that support American Express Global Business Travel.
  • Deploy and Conduct vendor assessments, collect evidence, build work-papers and report findings.
  • Coordinates, implements, and supervises remediation response actions, including appropriate issues.
  • Ability to perform assignments independently with limited guidance regarding expected results.
  • Find opportunities for program and process improvements.
  • Other related task as needed.


  • Demonstrate knowledge of risk assessment concepts and auditing methodologies and approaches.
  • Demonstrate an understanding of industry standards (e.g. NIST 800-53, ISO 2700x series, SOX, COBIT and similar industry recognized standards and regulations).
  • Hands on experience conducting vendor assessments, documenting findings and reporting on identified issues.
  • Sound interpersonal, organizational, and leadership skills; sound business judgment, and proven expertise in leading efforts to support program requirements, as well as practical execution on projects.
  • Flexibility when working with change in direction and variables.
  • Good interpersonal skills, both in writing and verbal.
  • Ability to work under stress, multiple priorities, and maintain positive demeanor
  • Minimum of 3-6 years of experience in IT, with at least 2 years of hands-on experience in third party assessment, information security risk; travel industry experience is a plus
  • Bachelor’s degree or equivalent experience in Business, Information Technology, or combination of education and industry certifications (CISSP or CISA preferred).



United States - Virtual Location



The US national annual base salary range for this position is from $70,000 to $140,000.  The national range provided includes the base salary that GBT expects to pay for the role.  Actual base salary will be based on factors including the scope and complexity of the role and the successful candidate’s relevant experience, skills, knowledge, and work location.

In addition to base salary, this role is eligible for our Annual Incentive Award plan, which rewards participants based on company and individual performance.  For information about our comprehensive US benefits programs and eligibility, please review our Benefits-at-a-Glance document.

GBT 2023 Benefits-at-a-Glance



The #TeamGBT Experience

Work and life: Find your happy medium at Amex GBT.

  • Flexible benefits are tailored to each country and start the day you do. These include health and welfare insurance plans, retirement programs, parental leave, adoption assistance, and more.

  • Travel perks: get a choice of deals each week from major travel providers on everything from flights to hotels to cruises and car rentals.

  • Develop the skills you want when the time is right for you, with global tuition assistance, access to over 20,000 courses on our learning platform, leadership courses, and new job openings available to internal candidates first.

  • We strive to champion Diversity, Equity, and Inclusion in every aspect of our business at GBT. You can connect with colleagues through our global Inclusion Groups, centered around common identities or initiatives, to discuss challenges, obstacles, achievements, and drive company awareness and action.

  • Wellbeing resources to support mental and emotional health for you and your immediate family.

  • And much more!

All qualified applicants will receive equal consideration for employment without regard to age, gender identity (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, race, color, religion, creed, national origin, disability, veteran status, citizenship or marital status. It is our policy to maintain an equal-opportunity environment free from intimidation, harassment or bias for our candidates, colleagues, clients and suppliers.

We are committed to providing reasonable accommodation to individuals with disabilities. Please, let your recruiter know if you need an accommodation at any point during the hiring process. For more details, please consult GBT Recruitment Privacy Statement.

What if I don’t meet every requirement? If you’re passionate about our mission and believe you’d be a phenomenal addition to our team, don’t worry about “checking every box;" please apply anyway. You may be exactly the person we’re looking for!

Apply now Apply later
  • Share this job via
  • or

Tags: Audits CISA CISSP CoBIT Compliance NIST Privacy Risk assessment

Perks/benefits: Career development Equity Flex hours Health care Insurance Medical leave Parental leave Startup environment Team events

Regions: Remote/Anywhere North America
Country: United States
Job stats:  69  26  2
Category: Compliance Jobs

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.