Job Specifications
At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career.
Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.
How will you make an impact in this role?
American Express is on a mission to provide the world’s best customer experience every day. Rooted in this vision is the work of the Technology Risk & Information Security organization, empowering the company to deliver superior service through trust, security, and safety. Our culture is centered around passion, curiosity, and courage, enabling you to innovate and evolve a Fortune 100 company. You can help us achieve this mission! Are you ready to protect one of the most admired brands from today’s, and tomorrow’s advanced threats?
American Express seeks to recruit a passionate, and experienced security analyst for its security operations & incident response team. This is a hands-on, technical role performing incident response activity ranging from pre-incident (preparation), active incident, to post incident. You will be a key technical resource in conducting investigations, performing analysis, identifying TTPs, building the attack narrative, and taking response actions. You are a motivated professional that will assist with people, processes, and technology that empowers the team to investigate sophisticated threats. This role requires critical thinking, innovative problem solving, leading analysis, and effective communications.
Responsibilities
Perform triage and analysis for cyber security events across multiple platforms using data across diverse sources (e.g., firewalls, EDR, IDS/IPS, identity, application logs).
Recognize attacker tactics, techniques, and procedures as well as Indicators of Compromise (IOCs) / Indicators of Attack (IOAs) that can be applied to current and future investigations.
Investigate and respond to cyber security incidents, supporting all stages of the incident lifecycle including identification, containment, eradication, and recovery efforts.
Contribute to team projects, process improvement, and development of new capabilities.
Curate a world class security operations and incident response team with a relentless focus on innovation and continuous improvement.
Assess and develop incident response best practices to help mature the overall security operations of the organization.
Make recommendations for improving enterprise risk posture based on individual research and technical expertise.
Stay current on industry trends, attack techniques, mitigation techniques, and security technologies.
Produce high-quality written and verbal reports, recommendations, and actions.
Minimum Qualifications
1-3 years of experience in information security
Solid foundation of network and application protocols and concepts (tcp, ip, dns, http, dhcp, etc).
Experience with various network and/or host-based security tools to detect and respond to security events.
Experience with log analysis using SIEM/SOAR platforms.
Theoretical and practical security knowledge and investigation experience with Mac, Linux, and Windows operating systems, as well as cloud environments.
Theoretical and practical knowledge in Incident Response lifecycles
Strong analytical, documentation, and communication skills.
Applicable certifications such as Security+, CySA+, GSEC, GCIH, GCIA, CEH, CISSP
Salary Range: $89,250.00 to $150,250.00 annually + bonus + benefits
The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we’ll consider your location, experience, and other job-related factors.
We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally:
Competitive base salaries
Bonus incentives
6% Company Match on retirement savings plan
Free financial coaching and financial well-being support
Comprehensive medical, dental, vision, life insurance, and disability benefits
Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
20+ weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy
Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
Free and confidential counseling support through our Healthy Minds program
Career development and training opportunities
For a full list of Team Amex benefits, visit our Colleague Benefits S