Director-Digital Product Solution Design
Job Description
The GMNS Product team drives the development of new payment services and products for the American Express Global Network Issuers, Acquirers and Merchants and is responsible for the operation of the payment network, safely and securely processing more than ~$1.7 trillion in transaction volume globally each year.
Our remit spans the maintenance of existing functionality, the development of new products and services, operating the Network and managing the end-to-end partner lifecycle. Our solutions deliver value to American Express’ Card Members, acquirers and partners across the globe, whether proprietary or third-party, by facilitating secure and seamless transactions between American Express’ issuers, acquirers and merchants.
The Director Solutions Design is responsible for defining and governing American Express’s enterprise data‑security and encryption strategy across the global payment network. This role acts as an independent authority on security architecture, cryptographic design, and data‑security risk, ensuring that foundational capabilities remain scalable, compliant, and fit for long‑term network evolution.
This is a strategic, design‑led role focused on setting direction, establishing architectural guardrails, and enabling consistent adoption of data‑security capabilities across platforms and partners. The role ensures that security design principles are embedded into core network capabilities and decision‑making.
As data‑security threats, technologies, and industry standards continue to evolve, the Amex Network requires clear architectural leadership and coherent encryption strategy to protect its cryptographic foundations. This role ensures that data security remains a strategic enabler of network trust and scalability, while supporting safe, consistent adoption across platforms and partners.
Data‑Security & Encryption Strategy
Define and own the Network strategy for data‑security and encryption capabilities, including cryptographic key management and encryption capabilities across the Amex payment ecosystem.
Establish clear target‑state security architectures that support global scalability, resilience, and regulatory compliance
Lead with an external perspective, providing guidance on cryptographic approaches, control models, and long‑term investment direction.
Architecture Governance & Design Authority
Act as the independent design authority for data‑security and encryption across Network and Acquirer platforms.
Define and maintain architectural principles, security guardrails, and design standards applicable across initiatives.
Establish and govern risk‑based exception frameworks, ensuring consistent, well‑documented security decisions.
Risk & Regulatory Alignment
Serve as a trusted advisor to leadership on data‑security risk posture, trade‑offs, and control effectiveness.
Ensure security architectures align with evolving regulatory and industry standards, including PCI requirements, in partnership with Industry Engagement teams.
Support consistent interpretation of security obligations across product, platform, and partner enablement activities.
Enterprise & Partner Enablement
Partner closely with Partner & Business Solutions (PBS), Payments Consulting Group (PCG), and Partner & Product Enablement (PPE) to accelerate adoption of approved security designs.
Define how data‑security capabilities are positioned, communicated, and embedded across internal teams and external partners.
Enable scalable onboarding and certification by promoting standardized, reusable security patterns.
Stakeholder Leadership
Operate credibly with senior executives, architects, engineers, risk, and compliance stakeholders across the enterprise.
Influence outcomes through expert authority and design leadership, rather than direct delivery ownership.
Contribute to broader Network & Acquirer Business Architecture strategy and long‑range planning.
Required Skills & Experience
Deep expertise in data security, cryptography, and encryption architectures, ideally within large‑scale transaction or regulated environments
Strong understanding of PCI standards and security control frameworks, with the ability to translate standards into architectural guidance
Experience acting as a design, security, or architecture authority across complex, federated organisations
Proven ability to influence senior stakeholders and govern decisions without direct reporting control
Excellent written and verbal communication skills, including the ability to articulate complex risk and design concepts clearly
Preferred Experience
Background in payments, financial services, or other highly regulated digital platforms
Experience defining enterprise or network‑level security strategies
Familiarity with partner enablement, certification, or large‑scale platform ecosystems
Employment eligibility to work with American Express in the UK is required as the company will not pursue visa sponsorship for these positions.
At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. From delivering differentiated products to providing world-class customer service, we operate with a strong risk mindset, ensuring we continue to uphold our brand promise of trust, security, and service.
As part of Team Amex, you’ll experience our powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.