You’ll do more than the expected. You’ll do the unexpected.
General Counsel’s Organization:
Where great legal minds influence global business strategy.
This role is for a senior level lawyer to join the General Counsel’s Organization (GCO) at American Express at the Director & Counsel level providing legal support to colleagues throughout the world in American Express’ technology, business and legal functions on issues related to cyber security, resiliency, and outsourcing and third party risk.
Role and Responsibilities:
Collaborate with colleagues around the world on cutting edge cyber security, resiliency and outsourcing and third party risk legal issues.
The Director & Counsel role will be based in London, a member of the Technology & Digital Law Group. The candidate will be responsible for providing legal advice before and during cyber security and operational incidents; drafting and negotiating security-related contract terms; advising on outsourcing and third party risk and cyber security regulatory issues; and monitoring legal developments and engaging in public policy consultations. This position will report to the Vice President & Senior Counsel, Cyber Security and Third Party Risk based in New York.
Provide legal support and strategic advice to the internal American Express groups responsible for managing technology, resiliency and cyber security risk and for managing outsourcing and other third party risk
Develop, draft and negotiate cyber security contract requirements on a global basis across all American Express business units and entities, with a particular focus on Europe and Asia
Provide legal support to American Express to prepare for and during security or operational incidents and advise the Enterprise Incident Response Program regarding legal and regulatory obligations related to data subject and authority notifications
Monitor and advise on global emerging technology, cyber security, resiliency and outsourcing and third party risk management regulatory requirements and trends
Assist in the development of American Express strategy and policies in response to and anticipation of regulatory developments and industry trends
Provide support as needed during financial regulatory examinations and inquiries from authorities related to cyber security and third party risk
Review new digital products and services for compliance with cyber security, authentication and outsourcing and third party risk requirements
Build positive working relationships across the legal department, business and technology teams and build relationships with external industry and trade groups. The role is expected to partner closely with our privacy legal team
Respond to public policy consultations and supporting regulatory engagement on matters related to emerging technology, cyber security, resiliency and outsourcing and third party risk
Implement and improve methods for legal knowledge management within the team
Brief colleagues and clients on significant developments and project
Prepare and support the delivery of internal training on legal cyber security and third party risk issues and American Express processes regarding contracting and incident response
Obtain legal opinions and advice from outside counsel, as needed, and manage related budgets
The ideal candidate is a strategic thinker with strong analytical skills who has experience in emerging technology, cyber security, existing and emerging laws and regulations impacting technology, cyber security, the financial sector and outsourcing and third party risk, and has a demonstrated aptitude for negotiating security terms in contracts and providing legal advice during security and operational incidents. Experience with other aspects of data protection, authentication, and financial sector regulation is a plus.
The candidate will need to be confident and able to build relationships, work closely and communicate effectively with internal clients and legal department colleagues throughout Europe, the U.S. and Asia on a routine basis.
Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.
Specific Experience Required:
Extensive PQE with a material body of relevant post-qualification experience related to incident response, contract negotiations, and advising on cyber security and outsourcing and third party risk legal matters, and/or relevant experience
Qualified to practice law and provide legal advice in an EU jurisdiction with ability and willingness to qualify in UK (if not already so qualified)
Fluency in English; other European languages or local law competency helpful
Required Personal Attributes:
Strong interest in digital products and emerging technology, cyber security and outsourcing and third party risk issues
Ability to build strong working relationships with and communicate effectively across business, legal and technology colleagues around the world
Self-starter capable of effectively working across an international legal team with colleagues based primarily in London, the U.S. and Asia
Ability to advise colleagues in a commercially practical, hands-on, and common sense manner
Strong analytical and problem solving skills with proven record of ability to grasp complex issues quickly
Prepared to take the lead and make appropriate recommendations to management and brief stakeholders at all levels of the organisation orally and in writing, particularly during incident response
Strong drafting, research, negotiation and influencing skills
Ability to manage and prioritise a wide variety of matters and stakeholders
Strong knowledge-management and organisational skills, and proven record of identifying and implementing improvements to enhance efficiency and productivity
Willing to learn about the various business groups at American Express as well as the applicable regulatory environment and to leverage experience gained in this position to expand skill set for future career growth at American Express
Committed to the American Express values, with high personal work standards
The success of American Express since its inception has been defined by its ability to innovate, evolve, disrupt, and take risks. What has remained constant throughout this history of transformation is our dedication to our customers, to our employees, and to the values on which American Express was built: integrity, quality, respect, and community. Our open, creative, and collaborative culture is a big part of why we regularly win best workplace awards all over the world. So if you are ready to take on a challenge and make an impact, you owe it to yourself to launch or grow your career here.
Why American Express?
There’s a difference between having a job and making a difference.
Amex have been making a difference in people’s lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards.
We’ve also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they’re ready to take on a new career path, we’re right there with them, giving them the guidance and momentum into the best future they envision.
Because we believe that the best way to back our customers is to back our people.
The powerful backing of American Express.
Don’t make a difference without it.
Don’t live life without it.
To complete your application please click on the links below. However, if you require any assistance with the completion of this process – or need any reasonable adjustments to be made – then please contact the Recruitment Team on [email protected] or 00800 83 000038 (free phone, subject to individual carrier charges). For Russia based candidates on 810 800 83 000038.