At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. From delivering differentiated products to providing world-class customer service, we operate with a strong risk mindset, ensuring we continue to uphold our brand promise of trust, security, and service.

As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.

 

The Regional Information Security Officer (RISO) for Japan is a senior leadership role within the International Risk & Control team, in Enterprise Technology Services. The role is accountable for information security and technology risk management across American Express Japan, aligned to APAC (Asia Pacific) regulatory expectations and global enterprise standards.

This leader will design, execute, and continuously enhance the regional information security risk strategy, acting as the primary interface with regulators, senior business leaders, and global cybersecurity teams. The RISO – Japan will provide oversight of control effectiveness, regulatory compliance, risk reporting, and incident readiness across the market.

Key Responsibilities

Lead regional information security and technology risk management for American Express Japan, aligned to regulatory and business prioritiesServe as the primary liaison between enterprise information security functions and APAC legal entities – specifically Japan, ensuring effective risk governance and control adoptionOwn first-line information security risk identification, assessment, and reporting for Japan; support broader APAC entities as requiredAssess and challenge the design and operating effectiveness of security controls protecting confidentiality, integrity, and availability of systems and dataPartner closely with Legal, Compliance, Privacy, Audit and Risk teams to meet regulatory and supervisory expectationsLead security input into regulatory change initiatives, market programs, and technology transformationsIdentify, scope, and investigate emerging cyber and technology risks, including third-party and affiliate risksDeliver executive-level risk reporting, metrics, KPIs, and KRIs demonstrating cybersecurity program effectivenessLead and respond to information security audits, regulatory examinations, and supervisory reviewsRepresent ETS in local risk committees and in meetings with Japanese regulators, articulating American Express’ security postureCollaborate with global teams to ensure consistent, market-specific implementation of enterprise security standards

Required Experience & Qualifications

10+ years’ experience in Information Security, Cybersecurity, or Technology Risk ManagementProven experience engaging with regulators in highly regulated environments (e.g., METI or equivalent)Strong expertise across core security domains, including:Vulnerability and threat managementData protection and privacy including PCI-DSSInfrastructure, application, and cloud securityIdentity & access managementIncident response and cyber analyticsThird party securityDemonstrated ability to translate threats into risk, aligned to risk appetite and control effectivenessDeep understanding of the Japan and APAC cyber and tech risk regulatory landscape

Education & Certifications

Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related fieldMaster’s degree preferredRelevant professional certifications such as CISSP, CISM, CRISC, CISA, PCI (or equivalent)

Leadership & Core Skills

Experienced people leader with the ability to lead and develop teams in complex, matrixed organizationsExceptional written and verbal communication, with the ability to influence senior executives and regulatorsStrong capability to lead technical and risk discussions with non-technical stakeholdersFluency in Japanese and English (written and spoken)Highly self-motivated, detail-oriented, and comfortable operating with autonomy and accountability

We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally:

Competitive base salaries Bonus incentives Support for financial-well-being and retirement Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location) Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need Generous paid parental leave policies (depending on your location) Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) Free and confidential counseling support through our Healthy Minds program Career development and training opportunities

Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.