Manager, IT Cyber Risk and Audit Governance - Risk Management

Location: DFW Headquarters Building 7 (DFW-SV07)
Cities: Dallas - TX
Requisition ID: 80000

Job Description

Intro

Are you ready to explore a world of possibilities, both at work and during your time off? Join our American Airlines family, and you'll travel the world, grow your expertise and become the best version of you. As you embark on a new journey, you'll tackle challenges with flexibility and grace, learning new skills and advancing your career while having the time of your life. Feel free to enrich both your personal and work life and hop on board!

Why you'll love this job

The Manager, Cybersecurity Risk Management plays a key role in American Airlines' Cybersecurity Governance, Risk, and Compliance (GRC) function. This position is responsible for both Third-Party Risk Management (TPRM) and Cybersecurity Risk Analysis efforts. The role ensures that the airline maintains a strong understanding of its cybersecurity risk landscape across internal operations and third-party dependencies.

What you'll do

As noted above, this list is intended to reflect the current job but there may be additional essential functions (and certainly non-essential job functions) that are not referenced. Management will modify the job or require other tasks be performed whenever it is deemed appropriate to do so, observing, of course, any legal obligations including any collective bargaining obligations.

• Develop and implement a cyber risk quantification framework to support strategic decision-making
• Define and monitor cyber risk indicators, thresholds, and metrics in partnership with cybersecurity, IT, and business stakeholders
• Conduct scenario-based and control-based cyber risk assessments to inform planning and improve incident response readiness
• Advise business units and BISOs on cyber risk exposure, remediation options, and alignment with enterprise risk tolerance
• Lead the enterprise-wide third-party risk management program, including onboarding, risk assessments, control validations, and ongoing monitoring
• Collaborate with procurement, legal, and business units to ensure security and data protection requirements are integrated across the vendor lifecycle
• Maintain a centralized inventory of third-party relationships mapped to risk tiers, criticality, data sensitivity, and required security controls
• Leverage GRC platforms to streamline risk management workflows, enhance reporting, and support other GRC functions
• Stay current on emerging threats, regulatory changes, and industry best practices to evolve the cyber risk management program

All you'll need for success

Minimum Qualifications- Education & Prior Job Experience

• Bachelor's degree in Cybersecurity, Risk Management, Computer Science or equivalent experience/training
• 5+ years of experience in Cybersecurity, Risk Management, or related GRC fields
• Hands-on experience managing and/or conducting enterprise risk assessments
• Experience in a large, complex, or highly regulated environment
• Familiarity with cybersecurity frameworks (e.g. NIST CSF) and regulatory standards (e.g. TSA, PCI DSS)
• 2 years of experience in a supervisory role
• 2 years of experience with operating in an Agile development environment

Preferred Qualifications- Education & Prior Job Experience

• Master's degree in Cybersecurity, Information Assurance, or a related field
• Experience in a managerial role, overseeing a team of cybersecurity risk management professionals

Skills, Licenses & Certifications

• Relevant cybersecurity certifications, such as CISSP, CISM, CRISC, CISA, or equivalent
• Strong knowledge of cyber risk quantification or modeling frameworks
• Strong knowledge of third party risk management and GRC platforms (e.g. OneTrust, Archer)
• Strong understanding of cybersecurity controls and third party attack vectors
• Knowledge of principles and best practices in Information Security, Privacy, Business Continuity, and Disaster Recovery
• Audit background, including familiarity with SOC I (SSAE16 ) and SOC II, ISO 27001, preferred
• Experience presenting key, sensitive information to Senior Leadership
• Demonstrated initiative, flexibility, and ability to adapt to changing priorities and work environments
• Proven ability to handle multiple projects/work streams and demands efficiently
• Demonstrated ability to deliver prioritized outcomes using Agile work management principles
• Ability to think strategically and use sound judgment and initiative in making decisions

What you'll get

Feel free to take advantage of all that American Airlines has to offer:

• Travel Perks: Ready to explore the world? You, your family and your friends can reach 365 destinations on more than 6,800 daily flights across our global network.
• Health Benefits: On day one, you'll have access to your health, dental, prescription and vision benefits to help you stay well. And that's just the start, we also offer virtual doctor visits, flexible spending accounts and more.
• Wellness Programs: We want you to be the best version of yourself - that's why our wellness programs provide you with all the right tools, resources and support you need.
• 401(k) Program: Available upon hire and, depending on the workgroup, employer contributions to your 401(k) program are available after one year.
• Additional Benefits: Other great benefits include our Employee Assistance Program, pet insurance and discounts on hotels, cars, cruises and more

Feel free to be yourself at American

From the team members we hire to the customers we serve, inclusion and diversity are the foundation of the dynamic workforce at American Airlines. Our 20+ Employee Business Resource Groups are focused on connecting our team members to our customers, suppliers, communities and shareholders, helping team members reach their full potential and creating an inclusive work environment to meet and exceed the needs of our diverse world.

Are you ready to feel a tremendous sense of pride and satisfaction as you do your part to keep the largest airline in the world running smoothly as we care for people on life's journey? Feel free to be yourself at American.

Cities: Dallas - TX
Requisition ID: 80000