At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. From delivering differentiated products to providing world-class customer service, we operate with a strong risk mindset, ensuring we continue to uphold our brand promise of trust, security, and service.

As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.

The Regional Information Security Officer (RISO) for Japan is a senior leadership role within the International Risk & Control team, in Enterprise Technology Services. The role is accountable for information security and technology risk management across American Express Japan, aligned to APAC (Asia Pacific) regulatory expectations and global enterprise standards.

This leader will design, execute, and continuously enhance the regional information security risk strategy, acting as the primary interface with regulators, senior business leaders, and global cybersecurity teams. The RISO – Japan will provide oversight of control effectiveness, regulatory compliance, risk reporting, and incident readiness across the market.

Key Responsibilities

• Lead regional information security and technology risk management for American Express Japan, aligned to regulatory and business priorities
• Serve as the primary liaison between enterprise information security functions and APAC legal entities – specifically Japan, ensuring effective risk governance and control adoption
• Own first-line information security risk identification, assessment, and reporting for Japan; support broader APAC entities as required
• Assess and challenge the design and operating effectiveness of security controls protecting confidentiality, integrity, and availability of systems and data
• Partner closely with Legal, Compliance, Privacy, Audit and Risk teams to meet regulatory and supervisory expectations
• Lead security input into regulatory change initiatives, market programs, and technology transformations
• Identify, scope, and investigate emerging cyber and technology risks, including third-party and affiliate risks
• Deliver executive-level risk reporting, metrics, KPIs, and KRIs demonstrating cybersecurity program effectiveness
• Lead and respond to information security audits, regulatory examinations, and supervisory reviews
• Represent ETS in local risk committees and in meetings with Japanese regulators, articulating American Express' security posture
• Collaborate with global teams to ensure consistent, market-specific implementation of enterprise security standards

Required Experience & Qualifications

• 10+ years' experience in Information Security, Cybersecurity, or Technology Risk Management
• Proven experience engaging with regulators in highly regulated environments (e.g., METI or equivalent)
• Strong expertise across core security domains, including:
• Vulnerability and threat management
• Data protection and privacy including PCI-DSS
• Infrastructure, application, and cloud security
• Identity & access management
• Incident response and cyber analytics
• Third party security
• Demonstrated ability to translate threats into risk, aligned to risk appetite and control effectiveness
• Deep understanding of the Japan and APAC cyber and tech risk regulatory landscape

Education & Certifications

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related field
• Master's degree preferred
• Relevant professional certifications such as CISSP, CISM, CRISC, CISA, PCI (or equivalent)

Leadership & Core Skills

• Experienced people leader with the ability to lead and develop teams in complex, matrixed organizations
• Exceptional written and verbal communication, with the ability to influence senior executives and regulators
• Strong capability to lead technical and risk discussions with non-technical stakeholders
• Fluency in Japanese and English (written and spoken)
• Highly self-motivated, detail-oriented, and comfortable operating with autonomy and accountability

We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally:

• Competitive base salaries
• Bonus incentives
• Support for financial-well-being and retirement
• Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location)
• Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
• Generous paid parental leave policies (depending on your location)
• Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
• Free and confidential counseling support through our Healthy Minds program
• Career development and training opportunities

Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.