• Responsible for planning, conducting, and coordinating the delivery of cyber exercises in conjunction with internal teams, vendor partners, as well as external private and public organizations.
• Manage the complete lifecycle of exercise products and ensure follow-through on identified improvement areas to measurably enhance cyber resiliency, ensure compliance with evolving regulatory requirements, and demonstrate program maturity.
• Help lead cross-functional project teams and work with internal and external business partners to determine and translate technical and business requirements into exercise solutions that help reduce cyber risks for American Express.
• Coordinate with global teams across the organization to plan and conduct market-specific cyber exercises.
• Manage project costs, resources, change requests, risks, and issues to ensure that maximum business benefit is maintained and provide regular project status updates to leadership.
• Respond to regulatory requests with relevant artifacts from cyber exercises to demonstrate compliance with appropriate global regulations.
• Help ensure that American Express teams are learning from relevant internal incidents and external events to support continually improving our risk posture for significant or crisis-level cybersecurity incidents.

Required Skills/Qualifications:

• Excellent interpersonal abilities with strong written and oral communication skills appropriate for varied audience levels.
• Highly diligent and process-focused in managing key deliverables and multiple timelines with competing priorities.
• Experience with planning, conducting, and facilitating exercises that simulate cyber security events to help evaluate organizational communication, decision-making, and security incident response processes and capabilities.
• Previous IT and business work experience including working with teams in both individual contributor roles and team program management functions.
• Understands business goals and can reframe information security risk discussions in business terms.
• Proven ability to deliver business value through successful risk reduction activities.
• Constructively engages business partners and professionally drives conversations to good decisions.
• Maintains a professional demeanor and can proficiently demonstrate industry and business knowledge to leadership, regulators, and peer firms.
• Demonstrated success in understanding technical details and communicating effectively to manage expectations and influence others.
• Experience working with technical teams such as security intelligence and security operations functions.
• Requires financial competence in terms of representing project financials, program budgets and vendor contracts.

Minimum Qualifications:

• Educational requirement: Holds a Bachelor's or Master's Degree in Business, Computer Science, or other technical field, or has equivalent work experience successfully managing diverse technical teams in business settings

Preferred Qualifications:

• Experience conducting public events, coordinating logistics, marketing, and comfortable presenting in front of audiences
• Professional security certifications e.g., CISSP, CISM, CRISC, etc.
• Completion of the DHS Master Exercise Practitioner Program (MEPP)
• Cyber Crisis Management Exercise Professional (C²MEP)
• Certification preferences: PMI or equivalent Project Management certification e.g., Certified Associate in Project Management, Certified Project Management Practitioner, International Project Management Association
• Cyber Risk Management certifications, e.g., FAIR – Factor Analysis of Information Risk
• Incident Management training or certification, e.g., FEMA Emergency Management
• Experience working with cyber range environments, virtualized environments and learning management systems for cyber technical training
• Experience working with common Governance, Risk & Compliance tools, e.g., RSA Archer
• Experience configuring common content management systems, e.g., Confluence, SharePoint, OneDrive
• Experience working internationally
• Open to considering some candidates who may have less senior experience but possess some of the technical competence and soft skills outlined above to rapidly grow their knowledge and become a strong contributor.

Salary Range: $110,000.00 to $190,000.00 annually + bonus + benefits

The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we'll consider your location, experience, and other job-related factors.

We back our colleagues and their loved ones with benefits and programs that support their holistic well-being. That means we prioritize their physical, financial, and mental health through each stage of life. Benefits include:

• Competitive base salaries
• Bonus incentives
• 6% Company Match on retirement savings plan
• Free financial coaching and financial well-being support
• Comprehensive medical, dental, vision, life insurance, and disability benefits
• Flexible work arrangements and schedules with hybrid and virtual options with Amex Flex
• 20+ weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy
• Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
• Free and confidential counseling support through our Healthy Minds program
• Career development and training opportunities

For a full list of Team Amex benefits, visit our Colleague Benefits Site.

At American Express, you’ll be recognized for your contributions, leadership, and impact—every colleague has the opportunity to share in the company’s success. Together, we’ll win as a team, striving to uphold our company values and powerful backing promise to provide the world’s best customer experience every day. And we’ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong.

American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.

We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.

US Job Seekers/Employees - Click here to view the “Know Your Rights” poster and supplement and the Pay Transparency Policy Statement.

If the links do not work, please copy and paste the following URLs in a new browser window: https://www.dol.gov/agencies/ofccp/posters to access the three posters.