Director Cybersecurity - Cloud Security Strategy & Governance
Company: American Express
Location: Phoenix
Posted on: January 9, 2026
|
|
|
Job Description:
At American Express, our culture is built on a 175-year history
of innovation, shared values and Leadership Behaviors, and an
unwavering commitment to back our customers, communities, and
colleagues. As part of Team Amex, youll experience this powerful
backing with comprehensive support for your holistic well-being and
many opportunities to learn new skills, develop as a leader, and
grow your career. Here, your voice and ideas matter, your work
makes an impact, and together, you will help us define the future
of American Express. American Express is on an exciting cloud
transformation journey driven today by a successful, high-energy,
delivery-focused team that enables our vision of “security-as-code”
and integrations across a diverse set of teams and tools to ensure
public cloud security equivalency with on-premises security
capabilities, methods, and processes for all cloud service models
(IaaS, PaaS, SaaS) and workloads. The Director – Cloud Security
Strategy and Governance will collaboratively lead the Strategic
Program Management, Governance, and Operations functions of the
technology risk and cyber security controls and capabilities
required to secure the American Express cloud journey, including
both our private/public cloud. The Director will partner with Cloud
Engineering, Cloud Operations, other Technology partners, and all
TRIS domains to help drive secure adoption, governance, compliance,
and operations using a standardized risk-based model. The Director
will set the agenda by collaborating and driving cross-TRIS
matrixed capabilities to ensure appropriate risk informed delivery,
directly supporting the enterprise cloud strategy. The successful
candidate will be accountable for the oversight and delivery of the
Cloud Security Strategy and Governance program and the enablement
of all up-stream/down-stream processes and methods.This position
demands a well-organized action-oriented, team player with the
ability to prioritize daily work vs strategic roadmap items; work
on multiple initiatives simultaneously; establish and maintain an
outward looking view on new and evolving technologies; and an
ability to mature and operate business critical, end-to-end
processes and solutions – while ensuring a great colleague user
experience. You will work closely with other Information Security
departments, architecture and the Enterprise Cloud team, as well as
external cloud providers on requirements, design, integration and
delivery of these solutions. Responsibilities Include: • Build and
lead Program Management functions to drive delivery of centralized
cloud security reporting, governance, and finance functions •
Develop, coach and mentor a highly motivated team, while
coordinating closely with other Information Security and
Engineering leaders and business partners. • Partner in external
and internal audits, ensuring overall adherence to policies and
standards, driving the highest level of compliance through
response, remediation and escalation as necessary • Establish and
refine cloud security budget and finance forecasting for public
cloud consumption of security tools • Assess, measure and report
against cloud controls, and drive risk reduction guidance across
and in partnership with all TRIS domains • Partner with TRIS,
Engineering and business stakeholders to help define and prioritize
cloud security initiatives • Provide security expertise to the
Cloud Program, including Infrastructure as a Service (IaaS),
Platform as a Service (PaaS), and Cloud Application Architecture
subprograms. • Collaborate with enterprise architects and SMEs to
deliver comprehensive security solutions that align to Amex cloud
strategy • Capture requirements; build functional specifications,
timelines, adoption plans and other artifacts to support security
implementation. • Partner with Architecture teams to build
cloud-optimized security patterns and contribute to Enterprise
Architecture governance. • Partner with and support the Engineering
team to drive and execute results in a timely manner. Required
Skills/Experience • 8 years of experience in Information Security
Roles • Experience with Cloud Control Matrix and CIS benchmarks for
gap assessment • Broad understanding of all IS disciplines
including, Governance, Cyber Threat, Identity and Access,
Infrastructure, Endpoint, Vulnerability, Data Protection,
Operations, Application, Incident Response. • Understanding of
Information Security technology and platform delivery with
experience in planning and execution of security projects. •
Understanding of Cloud Fundamentals, including containers,
software-defined networks, high availability design, multi-cloud,
and serverless compute. • Demonstrated experience in Agile
environments, application design, software development, and
testing. Educational Requirement: • Bachelor’s Degree in computer
science, computer engineering, or related field; or equivalent
experience • Information Security Certification strongly desired,
CISM or similar. Salary Range: $170,000.00 to $255,000.00 annually
bonus equity (if applicable) benefits The above represents the
expected salary range for this job requisition. Ultimately, in
determining your pay, we’ll consider your location, experience, and
other job-related factors. We back you with benefits that support
your holistic well-being so you can be and deliver your best. This
means caring for you and your loved ones physical, financial, and
mental health, as well as providing the flexibility you need to
thrive personally and professionally: • Competitive base salaries •
Bonus incentives • 6% Company Match on retirement savings plan •
Free financial coaching and financial well-being support •
Comprehensive medical, dental, vision, life insurance, and
disability benefits • Flexible working model with hybrid, onsite or
virtual arrangements depending on role and business need • 20 weeks
paid parental leave for all parents, regardless of gender, offered
for pregnancy, adoption or surrogacy • Free access to global
on-site wellness centers staffed with nurses and doctors (depending
on location) • Free and confidential counseling support through our
Healthy Minds program • Career development and training
opportunities
Keywords: American Express, Casa Grande , Director Cybersecurity - Cloud Security Strategy & Governance, IT / Software / Systems , Phoenix, Arizona
