Information Security Architect
About the Company
Calling all innovators – find your future at Fiserv.
We’re Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants, and consumers to one another millions of times a day – quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we’re involved. If you want to make an impact on a global scale, come make a difference at Fiserv.
About the Role
Information Security Architect
What does a successful Information Security Architect do at Fiserv?
This is a broad role that will cover many areas in Information Security, Information Risk, and Compliance. Primary responsibilities include performing security assessments and application code reviews, coordinating vulnerability remediation activities, assessing new technologies for security impacts, and management of compliance deliverables.
What you will do:
Lead in the design and development and implementation of a Zero-Trust Architecture, and other recent executive orders, as a core part of all design and development activities.
Support the team’s maintenance of FISMA artifacts as required in support of multiple System Security Plans and associated compliance.
Conducting architecture reviews and security impact assessments for technology and application development initiatives.
Maintain the coordination of application and infrastructure risk mitigation and vulnerability remediation activities.
Effectively communicating security and risk posture with technical and business audiences.
What you will need to have:
Must be a US citizen or have an active Resident Permit for security clearance requirements.
7+ years of experience working in technical information security and risk management roles.
Managing/maintaining FISMA and HVA compliance in accordance with requirements from NIST.
Demonstrated experience collaborating directly with external clients, business leadership, and auditors.
Direct technical background, to include familiarity with servers, network devices, and security systems.
Working knowledge of SIEM systems such as Splunk, LogRythm, IBM QRadar .
CISSP certification is required.
What would be great to have:
Bachelor’s degree in a technology field, Master’s degree preferred.
Experience in a commercial environment implementing Cloud technologies such as Microsoft Azure, AWS, or Google Cloud
Certifications: CISA, CISM CISSP, CCSP, Azure/AWS/Google Training and Certification
Experience working in a state, local or federal government environment.
Demonstrable understanding of Information Security and Risk Management capabilities across Windows and Linux systems, with Z/OS a plus, in the following domains:
Identity Access Management / Active Directory
Authentication and Authorization including SSO and Federation
Role-Based Access /Zero-Trust Model
Governance and Compliance
Securing Data /Operating System
Protecting the Network Layer
Continuous Diagnostics and Mitigation, Alerting, Audit Trail, and Incident Response