Manager, CyberOps & Assurance (DSPM Engineering/Cloud)
Role details
Job location
Tech stack
Job description
The Data Security team is responsible for safeguarding the organization's most critical asset-its data-by ensuring confidentiality, integrity, and availability across all platforms and environments. Working at the intersection of cybersecurity, data governance, and privacy, the Data Security team focuses on capabilities such as data classification, encryption, secure data access, and monitoring. The team partners closely with engineering, risk, and business units to embed security controls throughout the data lifecycle-from creation and storage to sharing and archival.
The candidate will be part of a specialized sub-team focused on Data Security Posture Management (DSPM). This sub-team is responsible for providing visibility into sensitive data across cloud and on-prem environments, identifying data security risks, and driving remediation efforts. The team leverages modern DSPM tools and analytics to discover, classify, and monitor data, ensuring proper access controls and compliance with internal policies and external regulations. The role involves working on initiatives that enhance data visibility, reduce risk exposure, and strengthen the organization's overall data security posture
American Express is seeking a highly technical Manager - CyberOps & Assurance to lead a small team responsible for building and scaling enterprise data security capabilities across our Data Security Posture Management (DSPM) and Data Discovery & Classification platforms.
This role combines hands-on technical leadership with direct team oversight, requiring a manager who actively contributes to engineering efforts while guiding a team in delivering scalable, integrated data security solutions.
You will be responsible for advancing core data security capabilities, integrating them across the enterprise, and ensuring strong execution, automation, and operational maturity.
Why This Role Matters
This role is critical to advancing American Express' data security capabilities through strong technical execution and focused team leadership. You will directly influence how sensitive data is protected across the enterprise while helping build scalable, modern, and AI-enabled data security solutions.
Responsibilities
Team Leadership & Execution
- Lead and support a small team of data security engineers focused on DSPM and data classification capabilities
- Provide technical guidance, remove blockers, and ensure consistent delivery of high-quality engineering outcomes
- Contribute to prioritization and execution while maintaining strong alignment with broader program objectives
- Promote a culture of ownership, accountability, and continuous improvement
Technical Leadership & Architecture Oversight
- Own the design and evolution of data discovery, classification, and DSPM capabilities across multi-cloud and on-prem environments
- Define scalable architecture patterns for onboarding, classification, and integration across diverse data environments
- Provide hands-on technical guidance and participate directly in complex engineering efforts
Hands-On Engineering & Platform Enablement
- Actively contribute to implementation, configuration, and optimization of data security capabilities
- Lead complex or high-impact initiatives requiring deep technical expertise
- Ensure scalability, performance, and reliability across the environment
Integration & Enterprise Data Flow Strategy
- Drive integration of data discovery, classification, and DSPM capabilities with enterprise systems, including:
- Data catalog platforms
- ITAM / CMDB systems
- SIEM / SOAR and security analytics platforms
- Guide development of API-driven and event-based architectures to enable consistent and timely propagation of classification and risk signals
Data Discovery, Classification & Emerging Environments
- Oversee implementation and refinement of classification strategies for sensitive data (PCI, PII, financial, regulated data)
- Improve detection logic, classification accuracy, and signal quality
- Expand discovery and classification capabilities into next-generation data creation environments, including:
- LLM-driven workflows and prompt/response data flows
- AI/ML pipelines and training datasets
- Emerging platforms such as MCP servers and AI orchestration layers
Automation, Scale & AI-Augmented Operations
- Drive adoption of automation frameworks for:
- Data onboarding and scanning
- Classification workflows
- Risk detection and remediation
- Leverage AI-assisted automation and platform-native intelligence to:
- Improve efficiency and reduce manual effort
- Increase consistency and scalability of controls
- Identify opportunities to apply AI-driven techniques to improve operational performance and detection quality
Cross-Functional Partnership
- Partner with data engineering, platform, governance, and security teams to embed data security into enterprise workflows
- Collaborate with product, risk, and compliance stakeholders to align capabilities with business and regulatory needs
- Support resolution of complex technical and operational issues
Requirements
- 8+ years of experience in cybersecurity, data security, or data engineering with strong focus on data discovery, classification, or DSPM
- Experience leading or mentoring engineers in a technical environment, while remaining hands-on
- Strong expertise in:
- Modern data architectures (data lakes, warehouses, distributed systems)
- Structured and unstructured data ecosystems
- Data classification methodologies and regulatory frameworks (PCI, PII)
- Demonstrated experience designing and implementing enterprise-scale integrations, including:
- Data catalog platforms
- ITAM / CMDB systems
- SIEM / SOAR or security analytics platforms
- Strong technical skills in:
- APIs and integration patterns (REST, event-driven architectures)
- Programming/scripting (Python preferred)
- Cloud platforms (AWS, Azure, or GCP)
- Demonstrated experience leveraging AI-assisted tools or platform-native intelligence to improve engineering efficiency and enhance data discovery/classification outcomes
- Ability to apply data-driven and AI/ML-assisted approaches to improve detection accuracy, reduce false positives, and scale operations
Preferred Qualifications
- Experience working with enterprise data security, DSPM, or classification solutions
- Experience contributing to platform transformations or large-scale security initiatives
- Familiarity with data governance and metadata management ecosystems
- Experience in financial services or other highly regulated environments
- Exposure to DevSecOps, infrastructure-as-code, and automation practices
- Experience working with or tuning ML/NLP-based classification capabilities
- Exposure to securing AI/ML or GenAI-driven data environments
Leadership & Mindset Expectations
- Hands-on technical leader with a strong builder mindset
- Ability to balance individual contribution with team guidance
- Systems thinker focused on integration, data flows, and scalability
- Practical and outcome-oriented in leveraging automation and AI
- Comfortable operating in complex, evolving environments
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions
Benefits & conditions
We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally:
- Competitive base salaries
- Bonus incentives
- 6% Company Match on retirement savings plan
- Free financial coaching and financial well-being support
- Comprehensive medical, dental, vision, life insurance, and disability benefits
- Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
- 20+ weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy
- Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
- Free and confidential counseling support through our Healthy Minds program
- Career development and training opportunities
For a full list of Team Amex benefits, visit out Colleague Benefits Site (https://www.americanexpress.com/en-us/colleagues/benefits) .
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law. American Express will consider for employment all qualified applicants, including those with arrest or conviction records, in accordance with the requirements of applicable state and local laws, including the California Fair Chance Act, the Los Angeles County Fair Chance Ordinance for Employers, and the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance. For positions covered by federal and/or state banking regulations, American Express will comply with such regulations as it relates to the consideration of applicants with criminal convictions.
We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.
