Joining Amex Tech means discovering and shaping your contribution to something big. Here, you can work alongside talented tech teams and build a unique career with the Powerful Backing of American Express. With a range of opportunities to work with the latest technologies, and a commitment to back the broader engineering community through open source, our mission is to power your success. Because Amex Tech is powered by our technology, our culture, and our colleagues.
The Technology organization enables and accelerates the company’s growth strategies, delivering global capabilities and services in support of Amex’s customers and colleagues, while maintaining 24/7 servicing and availability to ensure an uninterrupted, high-quality customer experience. Technology provides the foundation for everything we do in the company while driving differentiation through building and leveraging innovative technology and data insights.
At American Express, our mission is to deliver the world’s best customer experience every day. At the heart of this mission is our Information Security organization, enabling exceptional experiences built on a foundation of trust, service, and security. We leverage advanced technologies and data-driven insights to stay ahead of an evolving threat landscape. We foster a culture of passion, curiosity, and courage—empowering you to innovate, grow, and help shape the future of a Fortune 100 company.
Trust. Service. Security.
Cybersecurity Engineer III leads the implementation of advanced secure network solutions, identity & access management solutions, conducting security assessments, overseeing endpoint protection, developing security policies, managing encryption technologies, and preparing robust technical documentation to enhance the organization’s cybersecurity posture. This role combines expertise in Agentic AI security, email security, encryption technologies, and Data Loss Prevention (DLP) to defend against evolving cyber threats while enabling secure business operations.
- Implements advanced secure network solutions, including building and configuring firewalls, VPNs, and intrusion detection/prevention systems, to protect the organization’s digital assets
- Develop and secure Agentic AI workflows by implementing governance, identity controls, prompt security, data protection, and monitoring for AI agents.
- Implements and identifies access management security solutions that drive least privilege
- Utilizes a strategic mindset and enterprise perspective to develop proactive cybersecurity solutions, employing critical thinking to anticipate and prevent threats
- Applies technical skills to automate routine cybersecurity tasks and enhance observability, demonstrating a re-engineering mindset to improve efficiency and control mechanisms
- Oversees the deployment and configuration of endpoint protection solutions, ensuring that all devices are adequately protected against malware and other threats
- Develops and contributes to maintaining comprehensive security policies, procedures, and best practices to ensure compliance with industry standards and regulatory requirements
- Collaborates with software development teams to integrate security into the software development lifecycle, including conducting code reviews and providing support on secure coding practices
- Implements and manages encryption technologies to protect sensitive data in transit and at rest, ensuring the confidentiality and integrity of the organization’s data
- Conducts in-depth research on emerging security threats and technologies and maintain situation awareness on emerging and disruptive technologies
- Prepares and presents detailed technical documentation and reports to senior engineers on security assessments, findings, and remediation efforts to provide insights and recommendations for improving the organization’s security posture
- Collaborates and co-creates effectively with teams in product and the business to align technology initiatives with business objectives
- Bachelor's Degree in Computer Science, Information Systems, Cybersecurity, and/or comparable experience; advanced degree preferred
- Knowledge of regulatory compliance and security standards
- Knowledge of Application Development & Security
- Knowledge of Data Engineering
- Knowledge of Cloud Security Management
- Knowledge of Data Privacy & Protection (DPP, GDPR)
- Knowledge of Data Security Management
- Knowledge of scripting languages such as Python, Bash, or PowerShell for automating security tasks
- Knowledge of network protocols (e.g., TCP/IP, DNS, HTTP) and security fundamentals
- Knowledge of Identity & Access Management (IAM)
- Knowledge of AI governance, AI security frameworks, and responsible AI practices.
Work Experience:
- Experience in cybersecurity and / or information security
- Experience with SIEM (Security Information and Event Management) tools such as Splunk, ArcSight, or QRadar
- Experience with IDS/IPS (Intrusion Detection Systems/Intrusion Prevention Systems)
- Experience with incident response tools such as Wireshark or Sysinternals and forensic investigation tools and techniques
- Experience with security tools such as firewalls (e.g., Palo Alto, Cisco ASA), intrusion detection systems (e.g., Snort, Suricata), and antivirus software (e.g., Symantec, McAfee)
- Experience securing Generative AI and Agentic AI platforms such as Microsoft Copilot, Azure AI Foundry, OpenAI, or Google Vertex AI.
Licenses and Certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- CompTIA Security +
- Certified Incident Handler (GCIH)
- Certified Ethical Hacker (CEH)
- GIAC Security Essentials (GSEC)
Employment eligibility to work with American Express in the United States is required as the company will not pursue visa sponsorship for these positions.