Information Security Manager – Distributed Directory Services
- Phoenix, AZ
Why American Express?
There's a difference between having a job and making a difference.
American Express has been making a difference in people's lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards.
We've also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they're ready to take on a new career path, we're right there with them, giving them the guidance and momentum into the best future they envision.
Because we believe that the best way to back our customers is to back our people.
The powerful backing of American Express.
Don't make a difference without it.
Don't live life without it.
It's more than protecting systems and data.
It's protecting people.
Our Information Security Managers know that security is a top priority for our business and our partners and customers. Today, as cyber-attacks increase and compliance is more rigorously enforced, we look to them to stay ahead of what's next and to protect our business and our future. So if you are dedicated to the latest technology and motivating others, secure your career here.
Distributed Directory Services resides in the center of the Identity & Access Management organization. It lies within the technical architecture as well as within the core components of the concepts of IAM. The IAM Directory Services team has a global responsibility to provide service and support for the American Express Enterprise Directory with more than 100,000 users.
The Information Security Manager - Distributed Directory Services Architecture/Engineering & Operations reports to the Director of IAM Directory Services and will have operational and architectural oversight of American Express Enterprise Directory environment and associated management infrastructure.
We are looking for a highly skilled architecture / operations and performance subject matter expert who can provide strategic guidance and future vision regarding all aspects of daily operations and maintenance of the American Express Active Directory environment. You will be responsible for participating in the development of the enterprise directory services strategy. You will lead the operations team members by providing innovative solutions to improve the security and management of the Active Directory infrastructure. You will work with the team to challenge the status quo, constantly evaluate the current industry trends, and bring new capabilities to the IAM organization.
- Provide senior level leadership (document, develop, plan, execute) of Active Directory Architecture / Operations and performance controls.
- Act as the senior technical SME in the areas of Active Directory - administration, infrastructure, process, procedures, monitoring, and projects.
- Provide senior technical expertise when necessary to maintain the Active Directory environment.
- Act as a manager between the Business Partner and vendor technical contacts.
- Provide leadership for a team of skilled SMEs in resolution of complex Active Directory service issues.
- Clearly communicate to key stakeholders including senior leadership and internal/external audit teams.
- Promote and work with team members to implement process improvement initiatives.
- Manage cross-functional teams, providing direction and leadership oversight in a matrix organization.
You won't just see the problem coming, you'll see the solution.
New threats to our business, our partners and customers appear on the horizon every day, so no two days are the same. But there are some things you can count on doing:
- Providing guidance on information security processes, controls, and compliance, and information security risk management to team members
- Encouraging employee contribution, such as feedback, career development planning, and goal setting.
- Developing plans and strategies for information security tools, processes, and programs.
- Responding to changes in the regulatory environment and assisting other organizations in doing the same.
- Making strategic recommendations to enhance information security, including processes, procedures, governance approaches, and compliance.
The ideal candidate will have the following experience and qualifications:
- Bachelor's degree in Engineering, Computer Science, Information Systems or other related field or has equivalent work experience
- Microsoft certifications including Microsoft Certified Systems Engineer (MCSE)
- 10 or more years in a role with a primary focus of managing, maintaining, and securing a global Active Directory infrastructure consisting of 100,000 users
- Implementing Active Directory security best practices including:
- Principle of least privilege.
- Securing privileged access.
- Credential theft prevention.
- Reducing the attack surface.
- Implementing/maintaining secure administrative hosts.
- Securing domain controllers.
- Monitoring for signs of compromise.
- Ability to write complex PowerShell automation scripts.
- Integration of non-Windows (Linux, MAC, etc.) computers with Active Directory.
- Ability to think, communicate clearly, and make sound decisions while under pressure in a fast-moving environment.
- In-depth knowledge of and experience with:
- Authentication protocols such as Kerberos, NTLM, OAuth, etc.
- Protocol security hardening such as UNC, SMB, LDAP, etc.
- Group Policy
- Domain controller health monitoring and troubleshooting.
- Domain controller performance monitoring and troubleshooting.
- Certificate services, PKI, and encryption.
- Sites and Services
- Leadership competencies including: Building and Leveraging Relationships; Effective Communication; Develop Winning Strategies; Drive Innovation and Change; Drive Results; Focus on the Customer and Client; and, Demonstrate Personal Excellence.
- Information Security experience, certification, or a high level of Information Security Awareness.
- Experience in prevailing industry architecture operations methodologies
- Possess ability to translate technical issues into understandable business language for end users and solution for those issues long-term
- Must be highly articulate (both written and verbal) and have the ability to clearly communicate to key leadership personnel and stakeholders including internal/external audit teams
- Preferred experience working with vendor teams to provide support and systems integration
- Preferred experience with operational tools such as MS SCOM.
- Preferred experience in highly regulated environments
- Team player with a positive attitude Ability to work nights and weekends for troubleshooting as needed
- Experience with Quest ARS and GPOAdmin is a plus
- Demonstrated ability to deliver on time and on budget
- Institutional Knowledge of our customers both inside and outside of the Technology organization is a plus
- Security Certifications such as CISSP, CISA, CISM is a plus
At the core of Information Security Management.
Every member of our team must be able to demonstrate the following technical, functional, leadership and business core competencies, including:
- Agile Practices
- Emerging Technologies
- Business Process Improvement
- Business Risk Management
- Analytical Thinking
- Coaching and Mentoring
- Business Case Development
- Industry and Company Knowledge
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.
Tags: PA-12100, CFE-12801
Schedule (Full-Time/Part-Time): Full-time
Date Posted: Oct 21, 2020, 5:00:06 PM EEO Statement
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, age, or any other status protected by law.
Back to top