Director Cybersecurity Cyber Threat Remediation

JOB DESCRIPTION

Joining Amex Tech means discovering and shaping your contribution to something big. Here, you can work alongside talented tech teams and build a unique career with the Powerful Backing of American Express. With a range of opportunities to work with the latest technologies, and a commitment to back the broader engineering community through open source, our mission is to power your success. Because Amex Tech is powered by our technology, our culture, and our colleagues.

The Technology organization enables and accelerates the company’s growth strategies, delivering global capabilities and services in support of Amex’s customers and colleagues, while maintaining 24/7 servicing and availability to ensure an uninterrupted, high-quality customer experience. Technology provides the foundation for everything we do in the company while driving differentiation through building and leveraging innovative technology and data insights.

At American Express, our mission is to deliver the world’s best customer experience every day. At the heart of this mission is our Information Security organization, enabling exceptional experiences built on a foundation of trust, service, and security. We leverage advanced technologies and data-driven insights to stay ahead of an evolving threat landscape. We foster a culture of passion, curiosity, and courage-empowering you to innovate, grow, and help shape the future of a Fortune 100 company.

Trust. Service. Security .

Director, Information Security - Cyber Threat Remediation

American Express is on a mission to provide the world’s best customer experience every day. Deeply rooted in that vision is our Technology Risk & Information Security organization, which enables the company to deliver superior service backed by security. Our culture is centered around passion, curiosity, and courage, empowering colleagues to innovate and evolve a Fortune 100 company. Are you ready to help reduce cyber risk for one of the world’s most admired brands?

Reporting to the Vice President, Cybersecurity Operations, the Cyber Threat Remediation function is responsible for ensuring that cyber threats, incidents, and testing activities result in sustained, measurable reductions in enterprise risk. The successful candidate will lead a team and program accountable for driving root-cause remediation across Technology, Information Security, Risk, and Business partners, ensuring that lessons learned are translated into durable control improvements.

RESPONSIBILITIES

• Drive enterprise-wide remediation of material cyber threats identified through incidents, cyber threat intelligence, red team activity, and regulatory findings.
• Lead post-incident and post-testing remediation efforts to eliminate systemic and repeat control weaknesses.
• Establish governance, prioritization, and accountability for remediation actions across Technology and Business teams.
• Work in close collaboration with Incident Response, Cyber Threat Intelligence, Red Team, and Engineering partners to institutionalize threat-informed improvements.
• Provide regular written and verbal updates to senior leadership on remediation progress, residual risk, and risk-reduction outcomes.
• Ensure remediation effectiveness is measurable, auditable, and defensible for internal audit and regulatory review.

QUALIFICATIONS

• Minimum of 10 years’ experience in cyber threat intelligence, incident response, security engineering, or cyber risk management.
• Demonstrated experience leading enterprise-scale initiatives with material risk impact.
• Strong background in post-incident analysis, root-cause remediation, or control assurance.
• Bachelor’s degree in Computer Science, Engineering, Information Security, or related field or equivalent experience
• Advanced degree preferred.

Requirements

• Demonstrated experience driving complex, cross-organizational remediation initiatives without direct authority.
• Strong understanding of cybersecurity controls, architectures, and common failure modes.
• Proven ability to translate technical findings into actionable remediation plans with clear ownership and outcomes.
• Experience operating in regulated, large-scale enterprise environments.
• Executive presence with the ability to communicate clearly with senior leaders and peers.

Desired Leadership Characteristics

• Calm, decisive leadership in ambiguous and high-risk situations.
• Strong bias for action with a focus on outcomes over activity.
• Ability to prioritize remediation efforts based on risk and business impact.
• Proven capability to influence and collaborate in a highly matrixed organization.
• Ability to translate complex cybersecurity issues into clear, business-relevant narratives.

Employment eligibility to work with American Express in the United States is required as the company will not pursue visa sponsorship for these positions.