Director -Technology Audit

Choose a career at American Express and you choose a company with a 150+ years of integrity and commitment to the future of its employees. Known around the world as one of the most successful financial services companies, a leading consumer brand, the gold standard in customer satisfaction, and rated one of the best places to work in the United States by Fortune magazine. As part of the American Express Finance organization, the Enterprise Risk and Assurances Services (ERAS) group is both a destination and a passport for your career. ERAS serves virtually all areas of American Express including the consumer and corporate card businesses as well as travel related services. The Audit Team The Enterprise Risk and Assurance Services (ERAS) group includes both the operations and technology audit functions and is led by the SVP Chief Operational Risk Officer and General Auditor. Our team is capable, professional, assertive, communicates effectively and enjoys an environment where team members are called upon to: - Operate effectively and flexibly across all areas of American Express, spanning different technologies, systems, business models, priorities and processes - Deliver constructive analysis, identify flaws and explain impact - Get the facts, be confident in them, and communicate concisely and with conviction - Enter into already high performing, high quality environments and determine if enhancements/corrections are needed - Take the unexplained, understand it and explain it - Learn something and teach it to others Key Responsibilities - Lead a team of auditors to execute technology audit projects in conformance with professional and department standards, budgets and deadlines - Execute multiple simultaneous audit projects of all sizes and complexity across multiple business areas within and outside of local region, in unfamiliar areas, and for different audit leaders - Execute technology audits specific to infrastructure and information security controls as well as participate on integrated audits that consider technology risks - Plan audit projects; make project-level judgments around objectives and scope - Adapt quickly to unstructured assignments, clarifying objectives and delivering results - Evaluate control designs; develop and execute audit tests - Evaluate results, synthesize audit findings across the project, draft audit reports, and ensure effective and efficient audit execution - Present audit objectives, scope, and results to very senior members of management, clearly articulating the potential impact of control gaps in a highly professional competent manner - Utilize automated work papers and other department and company tools in a proficient manner - Follow-up with management to ensure management action plans are closed effectively and timely - Coordinate with appropriate control groups and external auditors in planning and executing audit work - Effectively teach, coach, and develop team members in all aspects of the audit methodology - Act as coach and mentor to senior and staff auditors - Maintain internal audit competency through ongoing professional development - Assume full performance management responsibility for assigned staff American Express is an Equal Opportunity Employer. QUALIFICATIONS: - Six or more years technology audit experience - Six or more years of in-depth information technology experience, specifically in the area of information security - Six or more years managing direct reports and handling performance management responsibilities - Demonstrated proficiency of technology auditing control disciplines including both thorough and general knowledge in one or more relevant areas of technical specialization (e.g., Windows and LINUX/UNIX server security, network security, account and access management, mainframe systems (RACF, TSO, SDSF, IMS), data center operations, disaster recovery, problem management, and change management) - Proven ability to lead projects and initiatives that drive performance - Demonstrated ability to manage people in a way that inspires, develops, and delivers - Strong understanding of the financial services or related industry - BA or BS in Information Systems or equivalent degree required - Professional certification (CIA,, CISA, or CISSP) preferred - Demonstrated track record of integrity, effective written and verbal communication, and innovation - Knowledge and appreciation of regulatory, accounting, and financial industry guidance and best practices relevant to the business, including technology implications - Knowledge and experience in application of control theory and professional auditing practices - Familiar with IT control frameworks, such as ISO, CobiT, NIST, and ITIL - Ability to travel If interested, please apply online at http://track.jobviper.com/ViewJob.asp?id=560881-3-283