You Lead the Way. We?ve Got Your Back.
With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities and each other. Here, you?ll learn and grow as we help you create a career journey that?s unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally.
At American Express, you?ll be recognized for your contributions, leadership, and impact?every colleague has the opportunity to share in the company?s success. Together, we?ll win as a team, striving to uphold our company values and powerful backing promise to provide the world?s best customer experience every day. And we?ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong.
Join Team Amex and let's lead the way together.
As part of our diverse tech team, you can architect, code and ship software that makes us an essential part of our customers? digital lives. Here, you can work alongside talented engineers in an open, supportive, inclusive environment where your voice is valued, and you make your own decisions on what tech to use to solve challenging problems. Amex offers a range of opportunities to work with the latest technologies and encourages you to back the broader engineering community through open source. And because we understand the importance of keeping your skills fresh and relevant, we give you dedicated time to invest in your professional development. Find your place in technology on #TeamAmex
Information Security Analyst Intern Fall 2023
How will you make an impact in this role? This position is a 16 week Application Security Engineer internship (Fall 2023) opportunity to demonstrate knowledge gained and apply it in a dynamic, high-performing Technology Risk & Information Security team. Responsible for assisting with activities designed to systematically run information security, such as security investigations, intelligence, assurance, and/or other project oversight, including developing standard methodologies for information security standards and handling IT controls and compliance with regulatory guidance.
What type of work can you expect to do in Information Security at American Express?

• Application, Infrastructure and Network Security
  • Drive risk reduction through the rapid identification and remediation of vulnerabilities across the enterprise
  • Deliver secure solutions that enable secure operations and highly available products and services for our customers
  • Safeguard AXP data, customers, and brand through continuous monitoring and testing of production application environments
  • Threat Modeling, Secure Design, Secure Coding, Application Hardening, DAST, SAST, SCA, RASP
• Governance, Risk, Compliance
  • Bridge traditional boundaries between cyber and IT risk and expanding partnerships with IT and the business to drive risk reduction in the enterprise
  • Innovate Risk Management through enhancements in tooling and automation of processes; expand the capabilities of technology risk management
  • Extend risk management and control expertise beyond the information security domains into IT development organizations and the business
  • Identify and help mitigate IT and information security risk across people, processes, and technologies.
• Security Incident Response/Threat Intelligence
  • Act as the front line of defense at American Express protecting the brand, employees, assets and card members across the globe against threats 24/7/365
  • Minimize risk of cyber-attacks and focus on detection and response to threats
  • Monitor, detect, and respond to security events and incidents that affect AXP globally
• Data Loss Prevention
  • Protect our customers, partners, and colleagues from the loss of sensitive information through normal business processes and/or malicious actors
  • Monitor and block sensitive data loss where legally permissible
• Identity and Access Management/Authentication
  • Provide authentication, authorization, and full lifecycle management capabilities
  • Reduce, manage, and monitor risk associated with identity and access to AXP resources
• Cryptography/Encryption Services
  • Protect all forms of sensitive information, on all platforms, resulting in protection of the Brand and information assets, and regulatory compliance
  • Drive continuous enhancement to data protection
  
  

Minimum Qualifications:

• In-depth knowledge of cyber threats along with common security controls, detection capabilities, and other practices / solutions for securing digital environments.
• Application Development experience in Java/JEE, Spring & MVC concepts, NodeJS / Go / Python / Kotlin, HTML/CSS, JavaScript, ReactJS, Redux, DevOps - Git, Maven/Gradle, Databases etc.
• Understanding of what information or assets are of value to threat actors and how organizations are breached.
• In-depth understanding of modern technical security controls (i.e. firewalls, SIEMS, IPS, HIPS, web proxies, Threat Model, DAST, SAST).
• Must have strong verbal and written communication skills; interpersonal collaborative skills; and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
• Can apply a variety of structured analytic techniques to generate and test a hypothesis, assess cause and effect, challenge analysis, and support decision making.

Preferred Qualifications:

• Current enrollment in Cyber Security, Computer Science, Software Engineering, Information Systems, or related field preferred
• Understanding on Application Security, OWASP Top 10 (Web, API. mobile), Cloud Security, DevSecOps
• Familiarity with Agile/Scrum development process

At American Express, you?ll be recognized for your contributions, leadership, and impact?every colleague has the opportunity to share in the company?s success. Together, we?ll win as a team, striving to uphold our company values and powerful backing promise to provide the world?s best customer experience every day. And we?ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong.
American Express is committed to providing an inclusive and accessible work environment in which all people who apply for positions or who work for or on behalf of Amex are treated with dignity and respect and are provided with equal treatment with respect to employment, regardless of that person's age, sex, sexual orientation, gender identity, gender expression, race, colour, ancestry, ethnic or national origin, citizenship, religion or creed, marital status, family status, pregnancy, disability, record of offences, social condition or origin, political beliefs, association or activity or other factors prohibited under applicable Human Rights legislation (the ?Prohibited Grounds?). If you have a disability and need accommodation, please speak with the Recruiter for more information.
Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.