Information Security Analyst, Tech Lead
Click the Facebook, Google+ or LinkedIn icons to share this job with your friends or contacts. Click the Twitter icon to tweet this job to your followers. Click the link button to view the URL of the job, which then can be copied and pasted into an e-mail or other document.
Dover, DE 19904
What does a great Information Security Analyst, Tech Lead do at Fiserv?
You’ll lead a critical process while continually improving the security posture of Fiserv through the analysis of application security activities and analysis. To be successful, you’ll have prior experience in Q/A or development so you can work seamlessly with our pen testers and development team, assuring the security of our applications.
We need someone like you with a real passion for security and who understands the importance of keeping all applications secure and compliant.
Every single day you’ll respond appropriately to the results of such analysis, providing security-related mentorship, developing security policies and evangelizing security matters throughout the company. You’ll report to Credit Union’s ISSO to identify, classify, advise, track remediation and help to mitigate security risks. You’ll be responsible for application security assessments, data analysis and risk management/validation.
You’ll focus on the Software Development Process (SDLC) aspects of information security and have good technical ‘chops’ which will enable you to guide, prevent and remediate issues.
Additionally you’ll serve as a strategic advisor to Information Security, Compliance, and the business unit in the identification and remediation of information security risks and concerns through technical and information security services. We need someone who can provide support for integrated security systems and solutions to ensure proprietary/confidential data are protected. Through positive relationships, you’ll provide oversight of information security processes for the enterprise. Each day will bring variety and challenge as you assist in the configuration and validation of secure systems. Your ability to test security products and systems to detect security weaknesses is vital to this role.
You’re the kind of person who has direct experience with:
- Project Software Reviews
- Software Development Training such as secure development standard methodologies
- SDLC Security Integration into build, deployment, test, environment management, monitoring and production releases
- Remediation Planning and Implementation based on Project Software reviews and findings
- Ability and can do mentality to support audits as needed
- Application Penetration Testing – Scheduling, Exception Review, Issue Management / Review
- Production Vulnerability Management Oversight
- Vulnerability Research and Remediation Guidance
- Oversight for the Secure System Development Life Cycle (SDLC)
- Lead the Training effort for Secure Code Development
- Production Environment Change Management Oversight
- Internal and External Support as required
- Review Project Content / Requirements as necessary for Security Impacts
- Interact / Associate with Product Develop & Support Teams for Resolution of Issues
- Participate in the analysis of Information Security metrics as required
- Reporting of Security and Resiliency Assurance to Risk and Information Security Leadership
Basic Qualifications For Consideration:
- Bachelor’s or Master’s Degree in Computer Science or Information Technology Field or high school diploma/GED
Experience or prior background with Q/A or Development to be successful is required
Minimum of 10 of years of IT experience
Minimum of four years’ experience in application security development
Extensive knowledge of secure coding techniques
Preferred Skills For Consideration:
- Financial services industry experience strongly preferred; Working in a matrix reporting environment with general knowledge of business unit and functional ownership
- Knowledge of secure software deployment methodologies, tools, and practices.
- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- CISSLP, CISSP, Security+, CISM, GFCA preferred
- Pen testing experience or prior is nice to have
Travel required: 10%
Who We Are: Credit Union Solutions at Fiserv provides integrated account processing solutions for more than one-third of the credit union marketplace, building a creative foundation for growth, as well as the technology needed to drive efficiency and deliver superior member service in a changing marketplace.
We have a lot to consider, from identifying and adapting to changing regulations and mitigating risk to keeping pace with evolving technology and providing excellent member service. Credit unions’ goals aren’t new. How they achieve them is. With the right tools in place, Fiserv helps credit unions eliminate barriers to growth, realize efficiencies, ensure compliance, face risk issues head on and provide the superior service members deserve.
Want to be a part of a team that effects change? Join our team and see why Fiserv is one of the Most Admired Companies – year after year!
FISERV IS AN EQUAL OPPORTUNITY EMPLOYER/DISABILITY/VET
Fiserv is an Equal Opportunity Employer/Disability/Vet. Visit http://www.careers.fiserv.com/eeo for more information.