Basic Qualifications for Consideration:
Maintains expertise in performing Business Application Security compliance assessments to identify compliance gaps against Application Security standards and guidelines supported by ECS.
Collaborates with Application Security Pen testing team and Business Unit development team resources in providing a holistic governance / compliance oversight to business units as related to Application Security.
Perform ongoing Application Security audits to ensure that the security posture is not compromised
Working with Application pen testing team and business groups in facilitating compliance requirements
Responsible for educating, monitoring, auditing, advising, and reporting of Application Security efforts.
Monitor appropriate sources for newly identified Application Security vulnerabilities and any associated exception requests, work with Application pen testing team to evaluate the risk such vulnerabilities pose to the organization's security posture and further impact of associated exception requests, and advise management of appropriate measures to eliminate, reduce, or manage the organization's risk or exposure to such vulnerabilities and associated exception requests.
Preferred Skills, Experience, and Education:
Bachelor’s Degree in Information Technology / Computer Science.
6+ years’ experience in application-level vulnerability testing and / or code-level security auditing and / or senior level coding.
Strong Web application security experience with thorough understanding of web application vulnerabilities.
Exposure to security assessments of Native Mobile applications / Thick client applications.
Knowledge of database, application, and Web server design and implementation
Good knowledge of application Security Architecture and should be able to perform application architecture reviews from security point of view.
Knowledge of Mobile platforms like Android, iPhone and information on mobile app pen testing methodology.
Knowledge of the software development lifecycle in a large enterprise.
Familiarity with at least one network and web application vulnerability scanners as well as source code analysis tools.
Familiarity with Security Standards and groups (OWASP, WASC, NIST, PCI)
Research and maintain proficiency in exploitation, tools, techniques, countermeasures, and trends in application vulnerabilities
Any of the following certifications will be an added advantage: CISSP, GSSP, CEH, CHFI, CPT, CEPT
Good written and verbal communication skills.
Should be able to handle project activities independently
Does not give up easily when things do not go smoothly, finds ways to overcome obstacles.
Identifies causes and effects by using ‘if A then B’ thinking, and uses this to prioritize issues.
Supports written messages with relevant data, information, examples and demonstration.
Provide technical guidance and mentor team members.
Travel required: 10%
Fiserv is an Equal Opportunity Employer / Disability / Vet.