You Lead the Way. We’ve Got Your Back.
With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities and each other. Here, you’ll learn and grow as we help you create a career journey that’s unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally.
At American Express, you’ll be recognized for your contributions, leadership, and impact - every colleague has the opportunity to share in the company’s success. Together, we’ll win as a team, striving to uphold our company values and powerful backing promise to provide the world’s best customer experience every day. And we’ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong.
Join Team Amex and let's lead the way together.
The Cyber Threat Intelligence team protects the American Express brand, global business operations, technology infrastructure and client trust against cyber threats worldwide. The CTI team collects, analyzes, and disseminates knowledge about adversaries and their motivations, intentions, and methods to help American Express at all levels protect the critical assets of the enterprise and customers.
The CTI Information Security Specialist produces actionable intelligence in a clear and concise manner and defines top threats impacting American Express in support of Lines of Business. This position entails both strategic and operational responsibilities for technology and intelligence processes. Critical skills include fostering relationships with key stakeholders by providing awareness, indications, warnings, and operational readiness.
How will you make an impact in this role?
- Create written and verbal intelligence products for internal AXP customers to assist in proactively addressing threats
- Develop and present key findings to senior leadership
- Perform open-source threat collection and analysis activities identifying indication of cyber threats, identify malicious code, websites, and vulnerabilities using existing and purpose-built tools
- Develop collection priorities that align with customer interests
- Identify credible new intelligence and subject matter resources relative to current/emerging threats
- Provide subject matter expertise on cyber threats to support current analytic operations and initiatives
Minimum Qualifications:
- Significant experience working in one or more areas of threat intelligence, security operations, or forensics
- Ability to review information to determine its significance, validate its accuracy and assess its reliability
- Knowledge of common security controls, detection capabilities, and securing digital environments, including packet flows/TCP & UDP traffic, firewall and proxy technologies, anti-virus, intrusion detection/prevention systems, host-based monitoring, email monitoring, spam technologies, and SIEMs
- Experience in analyzing malware/hacking tools and threat actor tactics, techniques, and procedures to characterize threat actors’ methods for accomplishing their missions
- Basic understanding of forensic analysis on and data captures from networks/packet capture, hosts (volatile/live memory), electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations
- Basic understanding of what information or assets are of value to threat actors and how organizations are breached
- Understanding of modern technical security controls (i.e. firewalls, SIEMS, IPS, HIPS, web proxies)
- Strong verbal and written communication skills, interpersonal collaborative skills, and the ability to communicate security and risk-related concepts to both technical and non-technical audiences
- Ability to apply a variety of structured analytic techniques to generate and test hypotheses, assess cause and effect, challenge analysis, and support decision making
- Working knowledge in one or more of the following areas: nation-state threat actors, cybercrime, extremist groups, cyber terrorists, hacktivism, distributed denial of service attacks (DDoS), fraud, malware, social engineering, or emerging threats
Preferred Qualifications:
- University Degree or equivalent combination of education and experience
- Previous experience at the NSA, DoD, Military Threat Operations team member, Security Researcher, Cyber Threat Researcher, or Cyber Crime Investigator
Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.
To complete your application, please click on the links below. However, if you require any assistance with the completion of this process – or need any reasonable adjustments to be made – then please contact the Recruitment Team on [email protected]