Discover. A brighter future.
With us, you’ll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it — we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.
Come build your future, while being the reason millions of people find a brighter financial future with Discover.Job Description
SIIRT is currently in search of talented, passionate engineers for our Security Platform Engineering & Development team. This group oversees the primary data, incident, and analytic platforms that form the backbone of our cybersecurity operations. In addition to designing, building and maintaining the platform, the Security Platform Engineering & Development group will work closely with other internal cybersecurity teams to develop new tools and methodologies for detecting and investigating security incidents. To achieve these goals, we have a world-class array of data-driven technologies at our disposal. We utilize an innovative blend of commercial and home-grown solutions to ensure the best possible tools are deployed to meet our analysts’ needs.
As we continue to build out our detective platforms and capabilities, we’re looking for new team members to join us in guarding our enterprise as the last and ultimate line of defense. Ideal candidates for this position will possess strong skills and expertise in a combination of some of the following areas: big data platforms (Splunk, Hadoop, Elastic, etc.), common security technologies (SIEM, IDS, WAF, etc.), cloud security experience, knowledge of common security threats, attack vectors, vulnerabilities and exploits, knowledge of endpoint security principles, programming experience, and knowledge of forensic tools. A hybrid remote/on-site working arrangement is possible for this position.
General responsibilities of this role include designing the Cybersecurity engineering roadmap, in addition to delivering highly-complex secure systems, cyber applications, technical projects and regulatory and risk requirements. Drive Cybersecurity engineering solutions, framework, roadmap, program optimization, process engineering, risk remediation, and mitigation of operational risk in a high velocity culture by assessing technology, requirements, deliverables, gaps and systems design. Analyze competitive strategies, cyber technologies, metrics, and performance indicators. Contribute to robust and innovative strategic solutions and build resilient support for next-generation systems to solve business challenges and enhance the control environment.
What You’ll Do
- Acts as the principal advisor to upper management in Cybersecurity matters. Ensures security improvement designs are evaluated, validated, and implemented as required. Certifies that protection and detection capabilities are acquired or developed using the Cybersecurity engineering approach and are consistent with organization-level cybersecurity architecture. Explores and assesses the latest technology trends, disruptions and security/IT service business models to ensure Business Technology maintains, and improves, organization cyber competitive edge.
- Works closely with management to define and promote the strategic direction of the team. Provides strong leadership and direction to team members. Provides subject matter expertise across all Cybersecurity technologies. Oversees project implementation to ensure successful solution delivery.
- Researches, engineers and integrates new Cybersecurity solutions. Applies service oriented security architecture principles to meet organization's confidentiality, integrity, and availability requirements. Performs cyber defense incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability. Makes recommendations that enable expeditious remediation.
- I Creates and maintains Cybersecurity technology roadmap. Ensures compliance to audit, regulatory and legal requirements Builds and maintains effective relationships with peers and internal business partners, and external vendors. Enforces the engineering and architecture methodologies to be in compliance with technical aspects of security controls and standards, and pilots the implementation of prominent security solutions to improve the confidentiality, integrity and/or availability of the firm’s intellectual property, systems and applications
How You’ll Do It
- Manage relationships with security partners and vendors.
- Ensure compliance with audit, regulatory, and legal requirements.
- Analyze, design, and develop security solutions with Cybersecurity architects to ensure they are consistent with corporate technology goals and risk tolerance levels.
- Provide direction to infrastructure, operations, data, and application developments groups throughout the transitioning phase, implementation in production, and beyond.
- Validate current- and future-state architectural models to assess impact across assigned Cybersecurity technology systems.
- Provide subject matter expertise for supported security technologies and during escalations.
- Oversee security requirements and technical specifications to guide project implementation toward successful solution delivery.
- Maintain knowledge of engineering next-gen designs, security trends, threats, and attack techniques.
- Build and maintain effective relationships with management, peers, project managers, and internal customers.
- Design and engineer solutions to align with the Cybersecurity strategy.
Qualifications You’ll Need
- Bachelor's degree in information security, information technology, engineering or related field
- 6+ years of experience in Information Security, Application Security, Programming, DevOps, Cloud, Computer Science, Data Analytics, or related
- In Lieu of Education 8+ years of experience Information Security, Application Security, Programming, DevOps, Cloud, Computer Science, Data Analytics, or related
Bonus Points If You Have
- 8+ years of experience in Information Security, Application Security, Programming, DevOps, Cloud, Computer Science, Data Analytics, or relate
- Hands-on experience with common security technologies (IDS, Firewall, SIEM, etc.)
- Strong skills and expertise in Big Data platforms (Splunk, Hadoop, Elastic, etc.)
- Familiarity with Behavioral Analytics platforms (UEBA)
- Knowledge of common networking services and protocols (TCP/IP, SSH, FTP, DNS, etc.)
- Programming and Scripting Experience (Python, Perl, PowerShell, Bash, etc.)
- Familiarity with integrating platforms and leveraging exposed API endpoints
- Experience with Regular Expressions
- Certifications: CISSP, GIAC, OSCP, CEH
#Remote # BI-Remote #LI_LJ1
What are you waiting for? Apply today!
The same way we treat our employees is how we treat all applicants – with respect. Discover Financial Services is an equal opportunity employer (EEO is the law). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.