Minato-ku, Tokyo
14 days ago
Privacy Risk Manager

You Lead the Way. We’ve Got Your Back.

With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities and each other. Here, you’ll learn and grow as we help you create a career journey that’s unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally.

At American Express, you’ll be recognized for your contributions, leadership, and impact—every colleague has the opportunity to share in the company’s success. Together, we’ll win as a team, striving to uphold our company values and powerful backing promise to provide the world’s best customer experience every day. And we’ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong.

Join Team Amex and let's lead the way together.

Are you an experienced risk manager who’s looking for a new challenge? Are you detail- and process-oriented and enjoy problem solving? Do you enjoy a dynamic, collaborative work environment where you can make a mark? Are you passionately curious with an impulse to seek new information and experiences and explore novel possibilities?

If you've answered 'yes' to any or all of the above, then you could be just who I am looking for!

 

There is an exciting opportunity for a highly experienced Risk Manager to join the American Express Privacy Center of Excellence (COE) – part of the non-financial risk control management team.  

 

The first line privacy practices & risk management teams within the Privacy COE are responsible for the implementation of high-quality Privacy risk management standards and practices across Europe, APAC and LACC and increasing the awareness of privacy standards, the effectiveness of controls, compliance with regulations, and the adoption of industry best practice throughout the company.  

 

As a member of the privacy practices and risk management teams, you will work on the core privacy pillars (e.g., Notice & Transparency, Retention & Disposal, Data Transfers, Digital Trackers etc.) in American Express and will be responsible for assisting regional business units across Europe, APAC and LACC with the design, enhancement and operationalization of controls, processes, and procedures to ensure the proper usage and safeguarding of customer, colleague, and other confidential information. 

 

Reporting to the Director, International Privacy Practices & Risk Management, this role will support the evolution of high-quality Privacy risk management standards and practices across Europe, APAC and LACC and increase awareness of privacy standards, controls, regulations, and industry best practice.   

 

Job Responsibilities:  

Key responsibilities include, but are not limited to: 

- Governance framework: Partner with Operational Excellence teams to implement and execute high-quality Privacy risk management standards and practices across Europe, APAC and LACC. Facilitate alignment/approvals from legal entity governance bodies.
- Advice and Guidance: Provide ad hoc guidance and support on privacy queries from the business.
- Issue Prevention: Support the business activities to prevent and resolve Privacy issues via root cause analysis, effective process and controls design and execution.
- Process Excellence: Partner with business stakeholders to drive process and control excellence to improve business processes and controls and enhance efficiency, effectiveness, and productivity.
- Process Risk Self-Assessment: Support privacy process owners in creating and documenting their process in addition to the risks and controls in their process using the PRSA methodology, driving consistent and accurate data completion and identifying when Legitimate Interest Assessments and Data Protection Impact Assessments are required.
- Subject Matter Expert (SME): Providing SME direction and guidance to multi-disciplinary projects across Europe to ensure compliance with privacy legislation.
- Procedures and Guidance: Drafting and updating internal procedures and guidance.
- Monitoring & Testing: Drive the implementation of a robust 1st line of defense Privacy testing framework across Europe, APAC and LACC. Engage and liaise with the Data Governance teams to support key business process testing/monitoring programs for core privacy pillars.
- Management Information Reporting: Create and distribute accurate reporting and metrics on risks, issues and control deficiencies, results of self-assessments, control environment, tests, audits, and external events that would impact the Business Unit/Legal Entity’s ability to comply with applicable privacy requirements.
- Innovation: Work with product teams to identify and implement tooling and automation for developing our technical privacy controls.
- Training and Awareness: Proactively engage and partner with stakeholders across the business to promote privacy by design, and the privacy and risk function and educate teams on changes to laws and regulations and external privacy practices.

Required Skills/Qualifications: 

- 5+ years of experience in a non-financial risk or control management function, Compliance, or a related discipline, preferably within the financial services industry.
- Deep understanding of global privacy laws and practices, including the EU’s General Data Protection Regulation and enthusiasm for privacy and data protection.
- Demonstrable experience in implementing regulatory requirements into business practices (processes & procedures), with an understanding of processes and information flows for business and operational units that manage customer, employee data and other confidential information.
- Demonstrates a will to win, to deliver change in a challenging environment.
- International work experience, including working with geographically dispersed colleagues across multiple lines of businesses.
- Ability to influence and negotiate with stakeholders to drive progress towards critical outcomes.
- Must be able to work well with different areas of the organization, building strong relationships & establishing trust through predictable delivery.
- Ability to thrive in a fast-paced and fluid business environment.
- Proven experience of working in a legal & regulatory environment with tight deadlines, changing information and ambiguity.
- Excellent English skills both in speaking and writing; Japanese language skills or the motivation to learn Japanese is a bonus.
- Strong verbal and written communication skills, with an ability to craft messages that clearly and succinctly communicate key messages for internal and external audiences at all levels of the organization.

Desired Skills/Qualifications: 

- Recognized specialist qualification in privacy or data protection an advantage
- Strong interpersonal skills
- Friendly team player with a professional mind-set
- Someone who can think for themselves and take actions
- Willing to work in a dynamic, multicultural and global environment where multilingual skills are a big asset

We back our colleagues and their loved ones with benefits and programs that support their holistic well-being. That means we prioritize their physical, financial, and mental health through each stage of life. Benefits include:

- Competitive base salaries
- Bonus incentives
- Support for financial-well-being and retirement
- Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location)
- Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
- Generous paid parental leave policies (depending on your location)
- Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
- Free and confidential counseling support through our Healthy Minds program
- Career development and training opportunities

Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.
