Job Description

Senior Security GRC Analyst Job at American Express Global Business Travel, Phoenix, AZ K2tod05CbHJJQlJaY1AxYk9jK2NZQlp1aWc9PQ== American Express Global Business Travel Phoenix, AZ Job Description Amex GBT is a place where colleagues find inspiration in travel as a force for good and - through their work - can make an impact on our industry. We're here to help our colleagues achieve success and offer an inclusive and collaborative culture where your voice is valued. Amex GBT's Security GRC team is looking for a highly motivated Senior Security GRC Analyst to maintain our strong security posture by overseeing the governance, risk, and compliance processes. We seek a highly skilled individual passionate about security with a strong understanding of GRC principles. Your role will involve developing and implementing security policies, procedures, and identifying and mitigating risks. What You'll Do: Conduct regular risk assessments and identify potential security vulnerabilities, providing recommendations for risk mitigation and remediation. Develop, monitor, and analyze security and compliance metrics to assess the effectiveness of controls. Ensure compliance with security frameworks, regulatory requirements, and internal policies through assessments. Assist with audit activities by gathering evidence, conducting assessments, and supporting remediation efforts. Develop and maintain security documentation, including policies, procedures, and standards. Identify and recommend process improvements and automation opportunities. Lead and participate in security awareness training and education initiatives. Serve as a subject matter expert on security GRC principles and guide team members. Stay updated with industry trends and best practices in security governance, risk, and compliance. What We're Looking For: Bachelor's degree in information security, risk management, or a related field (or equivalent experience). 7+ years of experience in Governance, Risk, and Compliance (GRC) within cybersecurity. Deep knowledge of cybersecurity frameworks (NIST, ISO 27001, SOC 2, GDPR, PCI DSS) and compliance requirements. Experience with risk management processes, including assessments, mitigation, and monitoring. Ability to conduct testing and control reviews. Strong analytical skills for identifying control gaps and evaluating remediation. Familiarity with security technologies (SIEM, firewalls, vulnerability management, identity systems). Excellent communication and reporting skills. Location United States. The salary range is $70,000 to $140,000 annually, based on experience and location. Additional benefits include an incentive plan, health and welfare insurance, retirement programs, travel perks, learning opportunities, and inclusive benefits. We are committed to diversity and inclusion and provide accommodations for applicants with disabilities. For more details, please review our Privacy Statement. If you are passionate about security and meet most requirements, we encourage you to apply. #J-18808-Ljbffr Itlearn360

Job Tags

Similar Jobs