American Express Work From Home Opportunity (Remote Information Security Specialist)

Job Description
Work Location Options:
Hybrid/Virtual

You Lead the Way. We’ve Got Your Back. 

With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities and each other. Here, you’ll learn and grow as we help you create a career journey that’s unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally.

At American Express, you’ll be recognized for your contributions, leadership, and impact—every colleague has the opportunity to share in the company’s success. Together, we’ll win as a team, striving to uphold our company values and powerful backing promise to provide the world’s best customer experience every day. And we’ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong. Join Team Amex and let’s lead the way together.

As part of our diverse tech team, you can architect, code and ship software that makes us an essential part of our customers’ digital lives. Here, you can work alongside talented engineers in an open, supportive, inclusive environment where your voice is valued, and you make your own decisions on what tech to use to solve challenging problems. Amex offers a range of opportunities to work with the latest technologies and encourages you to back the broader engineering community through open source. And because we understand the importance of keeping your skills fresh and relevant, we give you dedicated time to invest in your professional development. Find your place in technology on #TeamAmex.

How will you make an impact in this role?
American Express seeks to recruit a passionate, and experienced intrusion response lead analyst for its incident response team. This is a mid to senior level hands-on, highly technical role performing incident response activity ranging from pre-incident (preparation), active incident, to post incident. You will be a key resource in conducting investigations, performing analysis, identifying TTPs, building the attack narrative, and taking response actions. You are a motivated professional that will assist with people, processes, and technology that empowers the team to investigate sophisticated threats. This role requires critical thinking, innovative problem solving, leading analysis, and effective communications.

Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations and critical issues from junior analysts across Windows, Mac, Linux, and Cloud platforms.

Participate in incident response and crisis management activities.
Advise leadership on containment, eradication, and recovery strategies during incident response.
Fully scope incidents through proper identification of all affected systems and/or accounts.
Recognize attacker tactics, techniques, and procedures as well as Indicators of Compromise (IOCs) / Indicators of Attack (IOAs) that can be applied to current and future investigations.
Contribute to team projects, process improvement, and development of new capabilities.
Curate a world class security operations and incident response team with a relentless focus on innovation and automation.

Assess and develop incident response standard processes to help mature the overall security operations of the organization.
Make recommendations for improving risk posture based on individual research and technical expertise.
Stay ahead of industry trends, attack techniques, mitigation techniques, and security technologies.
Produce high-quality written and verbal reports, recommendations, and actions.
Participate in on-call rotation and provide after-hours support on an as-needed basis

Minimum Qualifications
3+years experience in information security, incident response, digital forensics and/or incident response consulting.
Experience with host, network, and/or memory forensics
Experience with various network and/or host-based security tools to detect and respond to security events. (e.g. SIEM, web proxy, intrusion detection/prevention, etc.)
Theoretical and practical security knowledge and investigation experience with Mac, Linux, and Windows operating systems, as well as cloud environments.
Theoretical and practical knowledge of Incident Response lifecycles
Ability to convey complex technical concepts to audiences with varying levels of ability

Preferred Qualifications
5+ years experience in information security, incident response, digital forensics and/or incident response consulting.
Excellent analytical, documentation, and communication skills.
Multiple applicable certifications (GSE, GDAT, GCIA, GCIH, GCFA, GNFA, GCFE, GREM)
Knowledge and investigation experience in a global, multi-cloud environment.
Experience in programming and/or scripting languages (Python, PowerShell, Go, etc.)

Salary Range: $110,000.00 to $190,000.00 annually + bonus + benefits

The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we’ll consider your location, experience, and other job-related factors.

American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.

We back our colleagues with the support they need to thrive, professionally and personally. That’s why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.

US Job Seekers/Employees – Click here to view the “Know Your Rights” poster and supplement and the Pay Transparency Policy Statement.

If the links do not work, please copy and paste the following URLs in a new browser window: https://www.dol.gov/agencies/ofccp/posters to access the three posters.