Vice President, Information Security Risk and Engagement, American Express
Phillip Collett is Vice President, Business Information Security Officer, for American Express. In this role, Phil is responsible for information security control enforcement, cybersecurity awareness and enablement across all lines of business, enterprise functions, technology, and for ensuring that information security decision making, and performance reporting is effectively managed for American Express Banking and its Legal entities.
Phil has more than 15 years’ experience in Financial Services technology; including hands-on network administration, production support, architecture, information security, and risk management in roles of increasing responsibility. In his current position, Phil leads a global Technology Risk and
Information Security organization with teams in Phoenix, Salt Lake, New York, Toronto, Mexico City, London, and Bangalore. Phil is an active contributor in Information Security industry associations, with specific emphasis on Cyber Risk Quantification and Regulatory Harmonization.
In his previous role as Director of Cyber Risk, Phil led the design and implementation of threat quantification and risk calculation tools, application security assessments, product security evaluations, control assessments, and exceptions management.
Phil has a Bachelor’s in Economics from the University of Utah, a Master of Information Security from Carnegie Mellon University, and holds several technical certifications including CISM and CISSP.
Phil Collett is Vice President of Technology Risk at American Express. In this role, Phil is responsible for IT/IS policies and standards, cyber risk management, business information security officers (BISO), security control enforcement, security assessments, regulatory compliance, and risk reporting across all American Express lines of business and legal entities.
In a previous role, Phil led the design and implementation of novel cyber threat quantification and risk assessment methodologies used for dynamic risk scaling and aggregation. He has more than 15 years’ experience in Financial Services technology in roles of increasing responsibility; including network administration, production support, architecture, privacy, information security, and risk management with specific emphasis on emerging technologies, cyber risk quantification and regulatory harmonization.
Phil has a Bachelor in Economics from the University of Utah, a Master of Information Security from Carnegie Mellon University, and holds cybersecurity patents and several technical certifications including CISM and CISSP.