You Lead the Way. We’ve Got Your Back.
With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities and each other. Here, you’ll learn and grow as we help you create a career journey that’s unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally.
At American Express, you’ll be recognized for your contributions, leadership, and impact—every colleague has the opportunity to share in the company’s success. Together, we’ll win as a team, striving to uphold our company values and powerful backing promise to provide the world’s best customer experience every day. And we’ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong.
Join Team Amex and let's lead the way together.
Are you an experienced risk manager who’s looking for a new challenge? Are you detail and process-oriented and enjoy problem solving? Do you enjoy a dynamic, collaborative work environment where you can make a mark? Are you passionately curious with an impulse to seek new information and experiences and explore novel possibilities? If you've answered 'yes' to any or all the above, then you could be just who we are looking for! There is an exciting opportunity for a highly experienced Risk Manager to join the American Express International Privacy Risk & Control (IPRC) – part of International Risk & Control Operations. The first line privacy & risk management teams within IPRC are responsible for the implementation of high-quality Privacy risk management standards and practices across Europe, APAC and LACC and increasing the awareness of privacy standards, the effectiveness of controls, compliance with regulations, and the adoption of industry best practice throughout the company. As a member of the IPRC teams, you will work on the core privacy pillars (e.g., Notice & Transparency, Retention & Disposal, Data Transfers, Digital Trackers etc.) in American Express and will be responsible for assisting regional business units across Europe, APAC and LACC with the design, enhancement and operationalization of controls, processes, and procedures to ensure the proper usage and safeguarding of customer, colleague, and other confidential information. Reporting to the Director, International Privacy Practices & Risk Management, this role will support the evolution of high-quality Privacy risk management standards and practices across Europe, APAC and LACC and increase awareness of privacy standards, controls, regulations, and industry best practice. Job Responsibilities: Key responsibilities include, but are not limited to: Governance framework: Partner with control management teams to implement and execute high-quality Privacy risk management standards and practices across Europe, APAC and LACC. Facilitate alignment/approvals from legal entity governance bodies. Process Excellence: Partner with business stakeholders to drive process and control excellence to improve business processes and controls and enhance efficiency, effectiveness, and productivity. Monitoring & Testing: Drive the implementation of a robust 1st line of defense Privacy testing framework across Europe, APAC and LACC. Engage and liaise with teams and 3rd parties to support key business process testing/monitoring programs for core privacy pillars. Process Risk Self-Assessment: Support privacy process owners in creating and documenting their process in addition to the risks and controls in their process using the PRSA methodology, driving consistent and accurate data completion and identifying when Legitimate Interest Assessments and Data Protection Impact Assessments are required. Advice and Guidance: Provide ad hoc guidance and support on privacy queries from the business. Issue Prevention: Support the business activities to prevent and resolve Privacy issues via root cause analysis, effective process and controls design and execution. Subject Matter Expert (SME): Providing SME direction and guidance to multi-disciplinary projects across Europe to ensure compliance with privacy legislation. Procedures and Guidance: Drafting and updating internal procedures and guidance. Innovation: Work with product teams to identify and implement tooling and automation for developing our technical privacy controls Training and Awareness: Proactively engage and partner with stakeholders across the business to promote privacy by design, and the privacy and risk function and educate teams on changes to laws and regulations and external privacy practices Management Information Reporting – Create and distribute accurate reporting and metrics on risks, issues and control deficiencies, results of self-assessments, control environment, tests, audits, and external events that would impact the Business Unit/Legal Entity’s ability to comply with applicable privacy requirements.Recommended Skills/Qualifications:
5+ years of experience in Operational Risk, Compliance, or a related discipline, preferably within the financial services industry:
Recognized specialist qualification in privacy or data protection an advantage/preferred
Deep understanding of global privacy regulations including GDPR (European General Data Protection Regulation), India Digital Personal Data Protection Act, 2023 or other data protection acts, complimented by an enthusiasm for privacy and data protection.
Demonstrable experience of developing and implementing testing & monitoring first line processes
Experience of designing and implementing first line risk reporting and MIS
Demonstrable experience in implementing regulatory requirements into business practices (processes & procedures), with an understanding of processes and information flows for business and operational units that manage customer, employee data and other confidential information.
Demonstrates a will to win, to deliver change in a challenging environment.
Experience of working with geographically dispersed colleagues across multiple lines of businesses
Ability to influence and negotiate with stakeholders to drive progress towards critical outcomes.
Must be able to work well with different areas of the organization, building strong relationships & establishing trust through predictable delivery.
Ability to thrive in a fast paced and fluid business environment.
Proven experience of working in a legal & regulatory environment with tight deadlines, changing information and ambiguity. Knowledge of privacy regulation preferred Strong verbal and written communication skills, with an ability to craft messages that clearly and succinctly communicate key messages for internal and external audiences at all levels of the organizationWe back our colleagues and their loved ones with benefits and programs that support their holistic well-being. That means we prioritize their physical, financial, and mental health through each stage of life. Benefits include:
Competitive base salaries Bonus incentives Support for financial-well-being and retirement Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location) Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need Generous paid parental leave policies (depending on your location) Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) Free and confidential counseling support through our Healthy Minds program Career development and training opportunitiesAmerican Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.
Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.