Cybersecurity Engineer II

American Express.com

89k - 150k USD/year

Office

Arizona

Full Time

Cybersecurity Engineer II-25018225

Description

 

At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career.

Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.

How will you make an impact in this role?

This Analyst role will focus on correlating data from various logs and data sources to detect anomalous, suspicious, or malicious behaviors. We are looking for a person to write SIEM rules to generate complex advanced detections. You will be able to apply Information Security knowledge to drive future content to reduce risk and work closely with other Information Security teams including Cyber Threat Intelligence, Cyber Detection Engineering, and Incident Response.

  • Partner with the Cyber Threat Intelligence team to identify active or emerging threats likely to target American Express
  • Perform basic threat modelling of common environments to identify threat detection opportunities across the MITRE ATT&CK framework
  • Work with platform owners and Cyber Data Engineering to identify telemetry required to support the development of identified threat detection opportunities
  • Perform deep dive analysis of logs and malicious artifacts
  • Analyze large data sets to identify trends and anomalies indicative of malicious activities
  • Develop, document and maintain custom detection queries

Minimum Qualifications:

American Express is looking for a Threat Detection Analyst with 2+ years’ experience in an Incident Response, Threat Detection, or Information Security role to join the Threat Detection and Hunt (TDH) team. The ideal candidate should have ample exposure to endpoint detection principles, network security principles, threat detection practices, and advanced rule writing, along with first-hand experience working in an information security role. Additionally, we are looking for superb communication skills, an ability to work effectively in a team and perform well in a rapidly-paced workplace.

  • Thorough knowledge of information security components, principles, practices, and procedures
  • Analytic approach and familiarity with analytic methodologies, including experience solving complex security problems
  • Understanding of operating system internals and how to analyze malicious code, scripts, exploits, etc.
  • Experience analyzing logs and events generated by endpoint and other security solutions
  • Understanding of network principles and topology, network protocol behavior, security devices (IPS, IDS, HIPS, firewall)
  • Understanding of authentication principles and technologies, including Active Directory
  • Ability to evaluate threat intelligence and identify TTPs for use in detection mechanisms at both the host and network level
  • Must have hands-on experience with a Breach and Attack Simulation (BAS) platform
  • Must have an understanding of how malicious traffic appears over the network and at security devices
  • Must have the ability to analyze data from a variety of sources, correlating it to meaningful security events
  • Hands-on programming experience in Python
  • Understanding of Amex Technology Risk, management of risk, and how to take risk into account in detection engineering
  • University Degree in Information Security, or related field; or equivalent experience

Preferred Qualifications:

  • Hands-on experience with the SafeBreach BAS platform
  • Advanced rule and/or query writing experience in at least one SIEM
  • Should understand the content testing, implementation, and revision cycle
  • Information Security Certification preferred: GIAC, Network+, or similar

Salary Range: $89,250.00 to $150,250.00 annually + bonus + benefits

The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we’ll consider your location, experience, and other job-related factors.

We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally:

  • Competitive base salaries 
  • Bonus incentives 
  • 6% Company Match on retirement savings plan 
  • Free financial coaching and financial well-being support 
  • Comprehensive medical, dental, vision, life insurance, and disability benefits 
  • Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need 
  • 20+ weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy 
  • Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) 
  • Free and confidential counseling support through our Healthy Minds program 
  • Career development and training opportunities

For a full list of Team Amex benefits, visit our Colleague Benefits Site.

American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law. American Express will consider for employment all qualified applicants, including those with arrest or conviction records, in accordance with the requirements of applicable state and local laws, including, but not limited to, the California Fair Chance Act, the Los Angeles County Fair Chance Ordinance for Employers, and the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance. For positions covered by federal and/or state banking regulations, American Express will comply with such regulations as it relates to the consideration of applicants with criminal convictions.

We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.

US Job Seekers - Click to view the “Know Your Rights” poster. If the link does not work, you may access the poster by copying and pasting the following URL in a new browser window: https://www.eeoc.gov/poster

Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.

Job

 Technology

Primary Location

 US-Arizona-Phoenix

Organization

 A5179 - Cybersecurity Operations

Schedule

 Full-time

Job Band

 30

Work Location Options

 Hybrid

Job Posting

 Sep 29, 2025, 4:42:07 PM - Oct 7, 2025, 3:59:00 AM

Recruiter

 Simple Jagdhari

Hiring Manager

 Robert L Willittes

September 30, 2025
