Description
You Lead the Way. We’ve Got Your Back. At American Express, we know that with the right backing, people and businesses have the power to progress in incredible ways. Whether we’re supporting our customers’ financial confidence to move ahead, taking commerce to new heights, or encouraging people to explore the world, our colleagues are constantly redefining what’s possible — and we’re proud to back each other every step of the way. When you join #TeamAmex, you become part of a diverse community of over 60,000 colleagues, all with a common goal to deliver an exceptional customer experience every day.
It’s more than protecting systems and data.
It’s protecting people.
Our Information Security Managers know that security is a top priority for our business and our partners and customers. Today, as cyber-attacks increase and compliance is more rigorously enforced, we look to them to stay ahead of what’s next and to protect our business and our future. So if you are dedicated to the latest technology and motivating others, secure your career here.
You won’t just see the problem coming, you’ll see the solution.
New threats to our business, our partners and customers appear on the horizon every day, so no two days are the same. But there are some things you can count on doing:
Providing guidance on information security processes, controls, and compliance, and information security risk management to team members
Encouraging employee contribution, such as feedback, career development planning, and goal setting.
Developing plans and strategies for information security tools, processes, and programs
Responding to changes in the regulatory environment and assisting other organizations in doing the same.
Making strategic recommendations to enhance information security, including processes, procedures, governance approaches, and compliance.
We back our colleagues with the support they need to thrive, professionally and personally. That’s why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.
If the role you are applying for is designated as hybrid or onsite, you will be required to demonstrate that you have completed your primary COVID-19 vaccination series (i.e., 2 doses for Moderna/Pfizer and 1 dose for J&J) and, for medically eligible
colleagues, a booster shot, in order to work in or visit any of our offices. This requirement is subject to legally required accommodations.
Booster eligibility: The CDC has established guidelines for when adults are eligible to receive booster shots depending on when they completed their initial vaccine series (currently five months after the Pfizer-BioNTech and Moderna vaccines, and two months after the J&J Vaccine). If you have completed your primary vaccine series but have not yet reached your booster eligibility date, you will be able to come into the office; however, you will need to complete your booster within 30 days of becoming eligible to continue coming in and participating in company-sponsored in-person events.
Qualifications
The AMEX Vulnerability Research Team works to improve the security posture of American Express by developing solutions with a goal to permanently eliminating vulnerabilities and bug classes across all AMEX software repositories. Finding vulnerabilities and bug classes is achieved through deep security assessments using automated and manual means with a focus on code analysis. The team uses vulnerability data from multiple sources i.e. current security trends, bug bounty submissions, and internal reports. Vulnerabilities and bug classes are eliminated using variant analysis, which is the process of finding similar vulnerabilities to a sample flaw. To aid our mission, we also develop tooling to do this job in an efficient manner. Additionally, the team may be called on to determine the overall impact to the security posture of the enterprise due to reported vulnerabilities.
Minimum Qualifications
2 years or more of professional development
Proficient in more than one programming language
Experience with both frontend and backend web development (it’s okay to be stronger in one of them)
A practical understanding of networking protocols and ability to develop network clients
Ability to develop your own temporary tooling to support ongoing analysis work (pull code/artifact from a repo, process, perform some analysis task, save results in a machine readable way)
A working understanding of code analysis concepts such as what and AST is and how it can be produced
Understanding of Linux userland runtime environment from a CLI and user process perspective
Ability and desire to dig into unknown code bases to read and understand code written by others
Ability to pick up new programming languages as you go
Basic understanding of crypto and PRNGs
A high degree of technical curiosity
Additional attributes:
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.
US Job Seekers/Employees – Click here to view the “ EEO is the Law ” poster and supplement and the Pay Transparency Policy Statement .
If the links do not work, please copy and paste the following URLs in a new browser window: https://www.dol.gov/agencies/ofccp/posters to access the three posters.
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, age, or any other status protected by law.
Job: Technology
Primary Location: United States
Schedule Full-time
Tags #LI-REMOTE
Req ID: 22003633
Company Description For over 30 years, Senior Resource Group-SRG has been an innovator in the development and operation of senior...
Apply For This JobHave you ever walked by a groom room window and thought to yourself, I want to do that for a...
Apply For This JobJob description GENERAL PURPOSE: This position is responsible for supervising two or more full time Customer Service Agents during seasonal...
Apply For This JobDescription: Responsible for building and packaging of oxygen concentrators-prototype inspection, modifications, upgrades and rework. Assemble and package oxygen concentrators in...
Apply For This JobThe Institute of Coaching (IOC) at McLean, a Harvard Medical School Affiliate, is a non-profit organization dedicated to advancing the...
Apply For This JobRequisition Number: 117063 Job Description Cintas is seeking a Senior Regional Safety & Heath Coordinator to provide group level and...
Apply For This Job