Director & Counsel - Cybersecurity and Third Party Risk

American Express - More jobs by this advertiser

You’ll do more than the expected. You’ll do the unexpected. 

General Counsel’s Organization:

Where great legal minds influence global business strategy.


This role is for a senior level lawyer to join the General Counsel’s Organization (GCO) at American Express at the Director & Counsel level providing legal support to colleagues throughout the world in American Express’ technology, business and legal functions on issues related to cyber security, resiliency, and outsourcing and third party risk. 


Role and Responsibilities:


Collaborate with colleagues around the world on cutting edge cyber security, resiliency and outsourcing and third party risk legal issues.


The Director & Counsel role will be based in London, a member of the Technology & Digital Law Group.  The candidate will be responsible for providing legal advice before and during cyber security and operational incidents; drafting and negotiating security-related contract terms; advising on outsourcing and third party risk and cyber security regulatory issues; and monitoring legal developments and engaging in public policy consultations.  This position will report to the Vice President & Senior Counsel, Cyber Security and Third Party Risk based in New York.


Primary Responsibilities

  • Provide legal support and strategic advice to the internal American Express groups responsible for managing technology, resiliency and cyber security risk and for managing outsourcing and other third party risk

  • Develop, draft and negotiate cyber security contract requirements on a global basis across all American Express business units and entities, with a particular focus on Europe and Asia

  • Provide legal support to American Express to prepare for and during security or operational incidents and advise the Enterprise Incident Response Program regarding legal and regulatory obligations related to data subject and authority notifications

  • Monitor and advise on global emerging technology, cyber security, resiliency and outsourcing and third party risk management regulatory requirements and trends 

  • Assist in the development of American Express strategy and policies in response to and anticipation of regulatory developments and industry trends

  • Provide support as needed during financial regulatory examinations and inquiries from authorities related to cyber security and third party risk

  • Review new digital products and services for compliance with cyber security, authentication and outsourcing and third party risk requirements

  • Build positive working relationships across the legal department, business and technology teams and build relationships with external industry and trade groups. The role is expected to partner closely with our privacy legal team

  • Respond to public policy consultations and supporting regulatory engagement on matters related to emerging technology, cyber security, resiliency and outsourcing and third party risk

  • Implement and improve methods for legal knowledge management within the team

  • Brief colleagues and clients on significant developments and project

  • Prepare and support the delivery of internal training on legal cyber security and third party risk issues and American Express processes regarding contracting and incident response

  • Obtain legal opinions and advice from outside counsel, as needed, and manage related budgets

The ideal candidate is a strategic thinker with strong analytical skills who has experience in emerging technology, cyber security, existing and emerging laws and regulations impacting technology, cyber security, the financial sector and outsourcing and third party risk, and has a demonstrated aptitude for negotiating security terms in contracts and providing legal advice during security and operational incidents.  Experience with other aspects of data protection, authentication, and financial sector regulation is a plus.


The candidate will need to be confident and able to build relationships, work closely and communicate effectively with internal clients and legal department colleagues throughout Europe, the U.S. and Asia on a routine basis.

Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.


Specific Experience Required: 

  • Extensive PQE with a material body of relevant post-qualification experience related to incident response, contract negotiations, and advising on cyber security and outsourcing and third party risk legal matters, and/or relevant experience

  • Qualified to practice law and provide legal advice in an EU jurisdiction with ability and willingness to qualify in UK (if not already so qualified)

  • Fluency in English; other European languages or local law competency helpful

Required Personal Attributes:

  • Strong interest in digital products and emerging technology, cyber security and outsourcing and third party risk issues

  • Ability to build strong working relationships with and communicate effectively across business, legal and technology colleagues around the world

  • Self-starter capable of effectively working across an international legal team with colleagues based primarily in London, the U.S. and Asia

  • Ability to advise colleagues in a commercially practical, hands-on, and common sense manner

  • Strong analytical and problem solving skills with proven record of ability to grasp complex issues quickly

  • Prepared to take the lead and make appropriate recommendations to management and brief stakeholders at all levels of the organisation orally and in writing, particularly during incident response

  • Strong drafting, research, negotiation and influencing skills

  • Ability to manage and prioritise a wide variety of matters and stakeholders

  • Strong knowledge-management and organisational skills, and proven record of identifying and implementing improvements to enhance efficiency and productivity

  • Willing to learn about the various business groups at American Express as well as the applicable regulatory environment and to leverage experience gained in this position to expand skill set for future career growth at American Express

  • Committed to the American Express values, with high personal work standards

The success of American Express since its inception has been defined by its ability to innovate, evolve, disrupt, and take risks. What has remained constant throughout this history of transformation is our dedication to our customers, to our employees, and to the values on which American Express was built: integrity, quality, respect, and community. Our open, creative, and collaborative culture is a big part of why we regularly win best workplace awards all over the world. So if you are ready to take on a challenge and make an impact, you owe it to yourself to launch or grow your career here.

Why American Express?

There’s a difference between having a job and making a difference.


Amex have been making a difference in people’s lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards.


We’ve also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they’re ready to take on a new career path, we’re right there with them, giving them the guidance and momentum into the best future they envision.


Because we believe that the best way to back our customers is to back our people.


The powerful backing of American Express.

Don’t make a difference without it.

Don’t live life without it.


To complete your application please click on the links below. However, if you require any assistance with the completion of this process – or need any reasonable adjustments to be made – then please contact the Recruitment Team on [email protected] or 00800 83 000038 (free phone, subject to individual carrier charges). For Russia based candidates on 810 800 83 000038.


15 February 2020
Work type:
Full time
Banking and Financial Services
PLEASE! No enquiries from Recruitment Agencies or Headhunters.

Only direct applications will be considered.

This career opportunity is no longer open.
Please search for current vacancies here.

Bookmark and Share
  • Previous Next

This website uses cookies

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Cookie Policy.
I agree
Read more