Director-Tech Risk & Control - Regional Information Security Officer at American Express Company South Africa

Minato, , Japan -

Full Time

Start Date

Immediate

Expiry Date

14 May, 26

Salary

0.0

Posted On

13 Feb, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Information Security, Technology Risk Management, Regulatory Compliance, Risk Governance, Control Effectiveness, Risk Identification, Risk Assessment, Vulnerability Management, Threat Management, Data Protection, Privacy, PCI-DSS, Cloud Security, Identity And Access Management, Incident Response, Cyber Analytics

Industry

Financial Services

Description

At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. From delivering differentiated products to providing world-class customer service, we operate with a strong risk mindset, ensuring we continue to uphold our brand promise of trust, security, and service. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express. The Regional Information Security Officer (RISO) for Japan is a senior leadership role within the International Risk & Control team, in Enterprise Technology Services. The role is accountable for information security and technology risk management across American Express Japan, aligned to APAC (Asia Pacific) regulatory expectations and global enterprise standards. This leader will design, execute, and continuously enhance the regional information security risk strategy, acting as the primary interface with regulators, senior business leaders, and global cybersecurity teams. The RISO – Japan will provide oversight of control effectiveness, regulatory compliance, risk reporting, and incident readiness across the market. Key Responsibilities Lead regional information security and technology risk management for American Express Japan, aligned to regulatory and business priorities Serve as the primary liaison between enterprise information security functions and APAC legal entities – specifically Japan, ensuring effective risk governance and control adoption Own first-line information security risk identification, assessment, and reporting for Japan; support broader APAC entities as required Assess and challenge the design and operating effectiveness of security controls protecting confidentiality, integrity, and availability of systems and data Partner closely with Legal, Compliance, Privacy, Audit and Risk teams to meet regulatory and supervisory expectations Lead security input into regulatory change initiatives, market programs, and technology transformations Identify, scope, and investigate emerging cyber and technology risks, including third-party and affiliate risks Deliver executive-level risk reporting, metrics, KPIs, and KRIs demonstrating cybersecurity program effectiveness Lead and respond to information security audits, regulatory examinations, and supervisory reviews Represent ETS in local risk committees and in meetings with Japanese regulators, articulating American Express’ security posture Collaborate with global teams to ensure consistent, market-specific implementation of enterprise security standards Required Experience & Qualifications 10+ years’ experience in Information Security, Cybersecurity, or Technology Risk Management Proven experience engaging with regulators in highly regulated environments (e.g., METI or equivalent) Strong expertise across core security domains, including: Vulnerability and threat management Data protection and privacy including PCI-DSS Infrastructure, application, and cloud security Identity & access management Incident response and cyber analytics Third party security Demonstrated ability to translate threats into risk, aligned to risk appetite and control effectiveness Deep understanding of the Japan and APAC cyber and tech risk regulatory landscape Education & Certifications Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field Master’s degree preferred Relevant professional certifications such as CISSP, CISM, CRISC, CISA, PCI (or equivalent) Leadership & Core Skills Experienced people leader with the ability to lead and develop teams in complex, matrixed organizations Exceptional written and verbal communication, with the ability to influence senior executives and regulators Strong capability to lead technical and risk discussions with non-technical stakeholders Fluency in Japanese and English (written and spoken) Highly self-motivated, detail-oriented, and comfortable operating with autonomy and accountability We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally: Competitive base salaries Bonus incentives Support for financial-well-being and retirement Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location) Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need Generous paid parental leave policies (depending on your location) Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) Free and confidential counseling support through our Healthy Minds program Career development and training opportunities Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.

How To Apply:

Incase you would like to apply to this job directly from the source, please click here

Responsibilities

This senior leadership role is accountable for information security and technology risk management across American Express Japan, aligning with APAC regulatory expectations and global standards. The leader will design, execute, and enhance the regional security risk strategy while acting as the primary interface with regulators and senior business leaders.