Senior Security GRC Analyst

Amex GBT is a place where colleagues find inspiration in travel as a force for good and – through their work – can make an impact on our industry. We’re here to help our colleagues achieve success and offer an inclusive and collaborative culture where your voice is valued.

AmexGBT’s Security GRC team is looking for a highly motivated Senior Security GRC Analyst to join our team. The ideal candidate will be responsible for identifying and assessing risks, evaluating information security controls, ensuring compliance with security and regulatory requirements, and supporting audit activities. This role requires strong analytical skills, attention to detail, and a solid understanding of GRC principles.

What We're Looking For:

• Identify, assess, and analyze risks related to information security, business processes, and regulatory compliance.

• Develop, monitor, and analyze security and compliance metrics to assess the effectiveness of information security controls.
• Conduct assessment to ensure compliance with security frameworks, regulatory requirements, and internal policies.
• Assist with audit activities by gathering evidence, conducting preliminary assessments, and supporting remediation efforts for identified findings.
• Collaborate with other AmexGBT teams to improve security posture and mitigate risks.
• Stay up to date on emerging cybersecurity trends, regulatory changes, and best practices to continuously improve Onspring implementations.

What You'll Do:

• Bachelor’s degree in information security, risk management, or a related field (or equivalent experience).
• 7+ years of experience in cybersecurity risk management. 
• In-depth knowledge of cybersecurity frameworks (NIST, ISO 27001, SOC 2, GDPR, PCI DSS, etc.) and regulatory compliance requirements (GDPR, PCI DSS).
• Experience with risk management processes, including risk assessments, mitigation plans, and monitoring.
• Good understanding of security controls, governance, risk management, and compliance processes in the context of cybersecurity.
• Familiarity with various security technologies and tools (e.g., SIEM, firewalls, vulnerability management, identity management systems).
• Experience with risk assessment methodologies and security control evaluations.
• Strong analytical and problem-solving skills.
• Good communication and reporting skills, with the ability to communicate findings to partners.

Location

The #TeamGBT Experience

Work and life: Find your happy medium at Amex GBT.

• Flexible benefits are tailored to each country and start the day you do. These include health and welfare insurance plans, retirement programs, parental leave, adoption assistance, and wellbeing resources to support you and your immediate family.

• Travel perks: get a choice of deals each week from major travel providers on everything from flights to hotels to cruises and car rentals.

• Develop the skills you want when the time is right for you, with access to over 20,000 courses on our learning platform, leadership courses, and new job openings available to internal candidates first.

• We strive to champion Inclusion in every aspect of our business at Amex GBT. You can connect with colleagues through our global INclusion Groups, centered around common identities or initiatives, to discuss challenges, obstacles, achievements, and drive company awareness and action.

• And much more!

All applicants will receive equal consideration for employment without regard to age, sex, gender (and characteristics related to sex and gender), pregnancy (and related medical conditions), race, color, citizenship, religion, disability, or any other class or characteristic protected by law.

Click Here for Additional Disclosures in Accordance with the LA County Fair Chance Ordinance.

Furthermore, we are committed to providing reasonable accommodation to qualified individuals with disabilities. Please let your recruiter know if you need an accommodation at any point during the hiring process. For details regarding how we protect your data, please consult the Amex GBT Recruitment Privacy Statement.

What if I don’t meet every requirement? If you’re passionate about our mission and believe you’d be a phenomenal addition to our team, don’t worry about “checking every box;" please apply anyway. You may be exactly the person we’re looking for!