Application Security, Tech Lead
Want to be a part of a team that effects change? Join our team and see why Fiserv is one of the Most Admired Companies!
Essential Job Responsibilities:
- Maintains expertise in performing Business Application Security compliance assessments to identify compliance gaps Application Security standards and guidelines supported by ECS
- Collaborates with Application Security Pen testing team and Business Unit development team resources in providing a holistic governance/compliance oversight to business units as related to Application Security.
- Perform ongoing Application Security audits to ensure that the security posture is not compromised
- Working with Application pen testing team and business groups in facilitating compliance requirements
- Responsible for educating, monitoring, auditing, advising, and reporting of Application Security efforts.
- Monitor appropriate sources for newly identified Application Security vulnerabilities and any associated exception requests, work with Application pen testing team to evaluate the risk such vulnerabilities pose to the organization's security posture and further impact of associated exception requests, and advise management of appropriate measures to eliminate, reduce, or manage the organization's risk or exposure to such vulnerabilities and associated exception requests.
- Able to effectively manage and accurately maintain and report on key metrics to ensure management has proper visibility over all identified Application Security vulnerabilities and associated remediation plan.
- Bachelor’s Degree in Information Technology/Computer Science
- 6-8+ years of relevant experience in IT security and compliance. Risk management experience a plus.
- Experience working within a global security and/or compliance role.
- Experience in a variety of critical compliance domains such as Information Security, Privacy, with a strong focus on compliance, Application Security, and PCI.
- Hands on experience in application level attacks, bypassing firewalls, evading intrusion detection are a nice-to-have
- Experience in working on large applications, SDLC processes and Agile methodology.
- Familiarity with at least one network and web application vulnerability scanners as well as source code analysis tools.
- Familiarity with Security Standards and groups (OWASP, WASC). Strong understanding OWASP top 10, PCI requirements.
- Familiar with and able to apply corporate policies/standards, generally-accepted application security methods, concepts and techniques as they relate to this organization.
Skills and Knowledge Required:
- Certification in related area(s) desired - CISA, CISSP, CGEIT. Knowledge Network security firewalls IPS, IDS, others.
- Strong project management skills, w/ ability to handle multiple priorities & deadlines efficiently & effectively.
- Strong written and verbal communication skills. The ability to communicate across all levels is an essential prerequisite. Conscientious documentation skills to preserve auditable evidence required.
- Utilizes sound, seasoned analytical and problem-solving skills and possesses product, business, and technical expertise to execute assigned responsibilities
Who we are Find Your Forward at Fiserv, a FORTUNE™ 500 company, and join the industry leader in financial services technology. With more than 23,000 associates around the world, we’re pushing the boundaries of what’s possible with deep expertise and a dedication to innovation. We have an exceptional team and we would love to hire someone who is looking for a fun, collaborative, dynamic environment where hard work is rewarded and recognized.
Thank you for considering employment with Fiserv. Equal Employment Opportunity Employer, and it is the Company’s policy to make all employment decisions without regard to race, color, religion, creed, age, sex, national origin, veteran status, disability (as long as the individual is able to perform the essential functions of the job with or without reasonable accommodation), and any other characteristic protected by Law.
•Apply using your legal name
•Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).
Candidate Resource Center
Need answers to a question about our process? Curious to learn more about next steps once you apply? Selecting your next career is no small matter, so that’s why we are here for you every step of the way. Learn more about our application, selection and hiring process, and get the answers you need to FAQs about recruiting at Fiserv.Learn More