Discover. A brighter future.
With us, you’ll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it — we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.
Come build your future, while being the reason millions of people find a brighter financial future with Discover.Job Description
At Discover, be part of a culture where diversity, teamwork and collaboration reign. Join a company that is just as employee-focused as it is on its customers and is consistently awarded for both. We’re all about people, and our employees are why Discover is a great place to work. Be the reason we help millions of consumers build a brighter financial future and achieve yours along the way with a rewarding career.
As a Lead Cybersecurity Engineer (Vulnerability Management), you will help ensure that our software and infrastructure is implemented and protected to a high level of security standards. You will perform threat analysis, vulnerability assessments, and system configuration analysis among other duties to help validate the security posture of Discover systems and infrastructure. You will work closely with operations and engineering teams to enhance our security posture.
Responsibility of the role is as an active participant in developing the Cybersecurity roadmap, and delivering secure systems, cyber applications, technical projects and regulatory and risk requirements. This includes Cybersecurity framework, program optimization, vulnerability remediation, metrics reporting, performance analysis, and mitigation of operational risk in a high velocity culture. Requires high-level critical thinking to perform duties related to projects, compliance, metrics, assurance, vulnerabilities, or threats.
- Identifies and evaluates potential vulnerabilities and drives the normalization, correlation, and integration of internal and subscription-threat intelligence source. Produces actionable intelligence in the form of reports, notifications, alerts, and briefings. Develops mitigation and countermeasure strategies from collected threat intelligence. Recognizes security violations and take appropriate action to report each incident, as required. Analyzes the organization's cyber defense procedures and configurations, and evaluates compliance with regulations and organizational directives.
- Performs in-depth analysis of security issues and/or vulnerabilities. Ensures compliance to audit, regulatory, and legal requirements. Builds and maintains effective relationships with peers and internal business partners. Creates effective controls to address security concerns.
- Maintains in-depth knowledge of security trends and threats. Designs and develops security solutions and processes consistent with business goals and risk tolerance. Provides subject matter expertise for supported Cybersecurity technologies.
- Develops metrics and new capabilities to ensure confidentiality, integrity, availability, authentication, and non-repudiation. Measures effectiveness of defense-in-depth architecture against known vulnerabilities. Engages in reporting risk remediation assurance and automation/integration initiatives, and collaborates with stakeholders, at all levels, to ensure remediation is validated, risk is mitigated, and findings are fully closed/resolved.
- Designs and engineers solutions to align with the Cybersecurity Strategy
- Serves as the subject matter expert for supported security technologies, and act as subject matter expert during escalations.
- Validates current and future state architectural models to assess impact across assigned Cybersecurity technology systems.
- Oversees security requirements and technical specifications to guide project implementation towards successful solution delivery.
- Maintains knowledge of engineering next-gen designs, security trends, threats and attack techniques.
- Bachelors Information Security , information technology, Engineering or related
- 4 + years Information Security, Security Engineering or related
- In lieu of education, 6 + years Information Security, Security Engineering or related
- Experience using vulnerability management tools in a corporate environment
- In-depth experience finding security vulnerabilities (CVEs) and recommending remediation actions.
- Excellent understanding of a diverse range of technologies (such as enterprise applications, middleware, databases, network devices, etc.).
- Good organizational skills with the ability to take the appropriate actions, while also enforcing established security standards.
- Industry certifications (such as CISSP, CISM or GIAC).
#BI-Remote #Remote #LI-LJ1
What are you waiting for? Apply today!
The same way we treat our employees is how we treat all applicants – with respect. Discover Financial Services is an equal opportunity employer (EEO is the law). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.