More jobs:
Information Security Technology Manage
Job in
Aberdeen, Aberdeen City Area, AB10, Scotland, UK
Listed on 2026-02-21
Listing for:
American Express Global Business Travel
Full Time
position Listed on 2026-02-21
Job specializations:
-
IT/Tech
Cybersecurity, Information Security
Job Description & How to Apply Below
United Kingdom time type:
Full time posted on:
Posted Todayjob requisition :
J-78847
Amex GBT is a place where colleagues find inspiration in travel as a force for good and – through their work – can make an impact on our industry. We’re here to help our colleagues achieve success and offer an inclusive and collaborative culture where your voice is valued.
Job Description American Express Global Business Travel (Amex GBT) is seeking a motivated and driven individual to maintain and enhance an existing information security management system and associated frameworks. By joining our Global Cyber Governance, Risk and Compliance team, you will be a core member responsible for security oversight and compliance management for a dedicated product/service in the Company’s portfolio. You will be responsible for promoting best practices, company’s policies and controls in protecting the confidentiality, integrity and availability of GBT’s assets.
The information security manager will be responsible for managing an existing ISO 27001 ISMS and maintaining associated ISO 27001 certification as well as PCI DSS certification for a product line. This role will include responsibility for managing policies, controls reviews, management reporting, exception and issue remediation tracking, metrics and support of customer facing security requests.
** What You’ll Do :
*** Serves as a single point of contact for information security related audit and assessments requests which will include Internal Audit, Key Controls Testing, PCI and ISO 27001 audit engagements.
* Responsible for ISO 27001 and PCI DSS certification execution
* Supports departments by collecting and coordinating internal compliance data with auditors and various departments.
* Maintains audit schedule and request trackers, collects evidence and supports audit fieldwork/certification engagements
* Prepares management reports for technical, management and leadership level stakeholders including Management Reviews and metrics
* Drives completion of management responses and compiles mitigation plans, tracks progress of mitigation activities, when applicable
* Enhances compliance department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments which may include policy creation and management, exception evaluations and tracking, metrics, etc
* Identifies areas of improvement and enhances awareness of security requirements
* Drives information security policy and standard enhancements
* Provide support in various security risk reviews, conducts risk assessments, control testing and supports execution of assigned security controls.
* Conducts internal and external audits
* Completes customer security questionnaires and assessments and participates in the customer RFP engagement process.
** What We’re Looking For** :
* Must have Fluent English and French, preference is for Bilingual background.
* Strong leadership skills and ability to work effectively with a multi-disciplinary set of stakeholders across different levels, time zones and with minimal supervision
* Formal experience with ISO 27001 certification and ISMS management as well as PCI DSS.
* Experience complying with industry security standards such as COBIT, ISO 27001/2, NIST CSF or similar
* Experience working with 3rd party security auditors
* Strong understanding of the business impact of security tools, processes, and policies as well as high proficiency in how to assess risk and business impact
* Team player; able to work collaboratively and effectively with and through others at all levels in an organization; proven ability to influence others and move toward a common vision or goal.
* Technical knowledge of IT processes to include configuration management, networking, database management, application coding, availability, data center operations, etc.
* Excellent understanding of technical security safeguards.
* Solid business acumen, flexibility, and judgment to evaluate issues/problems of high complexity and make…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×