Director, EMEA Application Security

Don't just have a great idea, build it.

The Director of EMEA Application Security will be responsible for enabling innovation while reducing risk across the AXP Enterprise by growing and leading a technical cross-functional team tasked with secure design, engineering collaboration, security automation, and operational support.

The ideal candidate recognizes the importance of security solutions that are agile, scalable, and improve the developer experience. In addition, the ideal candidate should have several years of engineering experience in addition to several years in application security, being able to solve problems with code while also leading a distributed team to deliver services across multiple work streams.

Requirements:

• Provide strong leadership to a distributed team of security engineers and practitioners by establishing clear direction, a productive culture, and measurable goals in pursuit of the overarching organizational strategy and roadmap
• Deliver training and consultation to development teams on application security
• Continuously improve security tooling and services to meet stakeholder needs
• Provide escalation point for resolving application security issues and concerns
• Evangelize security practices within the development organization
• Recruit, mentor, and grow a talented team of technical application security experts
• Collaborate with internal stakeholders and partners on addressing systemic security issues
• Integrate, measure, and report on security controls in the SDLC
• Ensure successful execution of regulatory and audit responses

Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.

Required skills:

• University Degree in Computer Science or similar field of study; advanced degree preferred
• Relevant professional certification preferred
• Experience in a fast-paced application security, agile environment
• Experience in software development across web, mobile, and micro services
• Expert knowledge in tools and capabilities to identify and prevent security issues and business logic flaws (Threat Modeling, SAST, DAST, BDD, Pen Testing, RASP, etc.)
• Expert knowledge in application architecture, OWASP Top 10, and DevOps
• Experience in application security program frameworks like OWASP SAMM and BSIMM
• Track record of innovation, results, and ability to collaborate and drive change across functions
• Demonstrated leadership experience with distributed and geographically disbursed teams
• Ability to communicate complex technical topics and facilitate discussions with business and technology leaders and peers
• Ability to design, implement, and operate processes and methodologies in a manner that effectively supports business and information security objectives
• Strong written and verbal communication, interpersonal, presentation, and negotiation skills
• Demonstrated collaboration skills along with the ability to influence without authority

Why American Express?

Talk to our people and you'll find out what we're really all about. Open, creative, risk-taking, collaborative and innovative are just some of the expressions you'll hear. It's our culture that makes American Express an outstanding place to work, and a big part of why we regularly win best workplace awards all over the world including recognition amongst the World's Best Multinational Workplaces by Great Place to Work and Glassdoor's 2017 Best Places to Work. If you're ready to take on a challenge and make an impact, you owe it to yourself to launch or grow your career here.

To complete your application please click on the links below. However, if you require any assistance with the completion of this process - or need any reasonable adjustments to be made - then please contact the Recruitment Team on or (for Russia based candidates ).

ReqID:
Schedule (Full-Time/Part-Time): Full-time