Principal Cybersecurity Application Security Engineer (DevSecOps) at Discover
Discover. A brighter future.
With Discover, you’ll have the chance to make a difference at one of the world’s leading digital banking and payments companies. From Day 1, you’ll do meaningful work you’re passionate about, with the support and resources you need for success. We value what makes each employee unique and provide a collaborative, team-based culture that gives everyone an opportunity to shine. Be the reason millions of people find a brighter financial future, while building the future you want, here at Discover.
We are looking for an innovative Principle Cybersecurity Engineer who posseses strong engineering skills to help deliver business outcomes. As a Principle Cybersecurity Engineer you will be part of the Application Security team focused on building and maturing frictionless DevSecOps practices and processes, with an automation first mindset, across the SDLC (Software Development Life Cycle).
As Principle Cybersecurity Engineer you will provide technical thought leadership and direction for the team as a subject matter expert and ensure successful solution delivery. You will work closely with management to define and promote the strategic direction of the team.
The ideal candidate will have strong collaboration skills and is expected to work closely with Product Managers, Product Owners and engineers to transform business requirements into technical specifications. This individual will collaborate with the Cybersecurity Architecture team to research and design creative solutions that help mature security posture for application development teams. This individual helps explore and assesses the latest technology trends and disruptions to ensure Discover maintains and improves its cyber competitive edge.
S/he will perform cyber defense incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability and make recommendations that enable expeditious remediation.
- 6+ years of Information Security, Application Security, Programming, DevOps, Cloud, Computer Science, Data Analytics, or related
- High School Diploma or GED
- 8+ years of Information Security, Application Security, Programming, DevOps, Cloud, Computer Science, Data Analytics, or related
- Bachelors Degree in Information Security, Information Technology, Business, or related field
- CISSP/GIAC Certifications
Excellent verbal and written skills with an ability to present technical specifications and solutions.
Ability to manage working on multiple initiatives in a fast paced agile environment.
Strong knowledge of secure code development practices.
Strong application development background designing and building robust and scaleable applications with Python or similar languages.
Experience working in a DevOps environment with an automation first mindset.
Experience using Jenkins as a CI (Continous Integration) and CD (Continous Deployment) tool.
Experience using Harness as a CD (Continuous Deployment) tool
Ability to design and build full stack solutions with Python and React or Vue.js.
Strong knowledge working with container platforms such as Kubernetes and/or Openshift.
Experience with SAST (static application security testing), DAST (dynamic application security testing) and IAST (interactive application security testing) tooling.
Strong knowledge of OWASP practices
Knowledge of authentication protocols such as OAuth, OpenID Connect, SAML and PKI.
What are you waiting for? Apply today!
The same way we treat our employees is how we treat all applicants – with respect. Discover Financial Services is an equal opportunity employer (EEO is the law). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.