×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security IT Consultant

Information Security Technology Manage

Job in Orem, Utah County, Utah, 84057, USA
Listing for: American Express Global Business Travel
Full Time position
Listed on 2026-06-02
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Amex GBT is a place where colleagues find inspiration in travel as a force for good and – through their work – can make an impact on our industry. We’re here to help our colleagues achieve success and offer an inclusive and collaborative culture where your voice is valued.

Job Description American Express Global Business Travel (Amex GBT) is seeking a motivated and driven individual to maintain and enhance an existing information security management system and associated frameworks. By joining our Global Cyber Governance, Risk and Compliance team, you will be a core member responsible for security oversight and compliance management for a dedicated product/service in the Company’s portfolio. You will be responsible for promoting best practices, company’s policies and controls in protecting the confidentiality, integrity and availability of Amex GBT’s assets.

The information security manager will be responsible for managing an existing ISO 27001 ISMS and maintaining associated ISO 27001 certification as well as PCI DSS certification for a product line. This role will include responsibility for managing policies, controls reviews, management reporting, exception and issue remediation tracking, metrics and support of customer facing security requests.

What You’ll Do :

Serves as a single point of contact for information security related audit and assessments requests which will include Internal Audit, Key Controls Testing, PCI and ISO 27001 audit engagements.

Responsible for ISO 27001 and PCI DSS certification execution

Supports departments by collecting and coordinating internal compliance data with auditors and various departments.

Maintains audit schedule and request trackers, collects evidence and supports audit fieldwork/certification engagements

Prepares management reports for technical, management and leadership level stakeholders including Management Reviews and metrics

Drives completion of management responses and compiles mitigation plans, tracks progress of mitigation activities, when applicable

Enhances compliance department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments which may include policy creation and management, exception evaluations and tracking, metrics, etc Identifies areas of improvement and enhances awareness of security requirements

Drives information security policy and standard enhancements

Provide support in various security risk reviews, conducts risk assessments, control testing and supports execution of assigned security controls.

Conducts internal and external audits

Completes customer security questionnaires and assessments and participates in the customer RFP engagement process.

What We’re Looking For :

Must have Fluent English and French, preference is for Bilingual background.

Strong leadership skills and ability to work effectively with a multi-disciplinary set of stakeholders across different levels, time zones and with minimal supervision

Formal experience with ISO 27001 certification and ISMS management as well as PCI DSS.Experience complying with industry security standards such as COBIT, ISO 27001/2, NIST CSF or similar

Experience working with 3rd party security auditors

Strong understanding of the business impact of security tools, processes, and policies as well as high proficiency in how to assess risk and business impact

Team player; able to work collaboratively and effectively with and through others at all levels in an organization; proven ability to influence others and move toward a common vision or goal.

Technical knowledge of IT processes to include configuration management, networking, database management, application coding, availability, data center operations, etc.

Excellent understanding of technical security safeguards.

Solid business acumen, flexibility, and judgment to evaluate issues/problems of high complexity and make sound decisions.

Strong project management and people management skills.

Solid analytical skills and understanding of processes, technology and operational concepts.
5+ years of relevant security technology experience.
3+ years in…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search