Principle Cybersecurity Engineer at Discover
Discover. A brighter future.
With Discover, you’ll have the chance to make a difference at one of the world’s leading digital banking and payments companies. From Day 1, you’ll do meaningful work you’re passionate about, with the support and resources you need for success. We value what makes each employee unique and provide a collaborative, team-based culture that gives everyone an opportunity to shine. Be the reason millions of people find a brighter financial future, while building the future you want, here at Discover.
Responsibility of the role is to design the Cybersecurity engineering roadmap, and deliver highly-complex secure systems, cyber applications, technical projects and regulatory and risk requirements. Drive Cybersecurity engineering solutions, framework, roadmap, program optimization, process engineering, risk remediation, and mitigation of operational risk in a high velocity culture by introducing technology, requirements, deliverables, gaps and systems design. Analyze competitive strategies, cyber technologies, metrics models, and performance indicators. Contribute to robust and innovative strategic solutions and build resilient support for next-generation systems to solve business challenges and enhance the control environment
This position will require a strong understanding of technologies, processes and data in the Identity & Access Management vertical. The candidate must demonstrate excellent project management and leadership skills to translate product vision into a well sequenced roadmap. This position will require partnership with other Identity and Access Management (IAM) verticals as well as external functions such as our infrastructure and application partners.
- Acts as the principal advisor to upper management in Cybersecurity matters. Ensures security improvement designs are evaluated, validated, and implemented as required. Certifies that protection and detection capabilities are acquired or developed using the Cybersecurity engineering approach and are consistent with organization-level cybersecurity architecture. Explores and assesses the latest technology trends, disruptions and security/IT service business models to ensure Business Technology maintains, and improves, organization cyber competitive edge.
- Works closely with management to define and promote the strategic direction of the team. Provides strong leadership and direction to team members. Provides subject matter expertise across all Cybersecurity technologies. Oversees project implementation to ensure successful solution delivery.
- Researches, engineers and integrates new Cybersecurity solutions. Applies service oriented security architecture principles to meet organization's confidentiality, integrity, and availability requirements. Performs cyber defense incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability. Makes recommendations that enable expeditious remediation.
- Creates and maintains Cybersecurity technology roadmap. Ensures compliance to audit, regulatory and legal requirements
- Builds and maintains effective relationships with peers and internal business partners, and external vendors. Enforces the engineering and architecture methodologies to be in compliance with technical aspects of security controls and standards, and pilots the implementation of prominent security solutions to improve the confidentiality, integrity and/or availability of the firm’s intellectual property, systems and applications.
- Lead efforts to increase Single Sign-On (SSO) enabled applications by working closely with application teams
- Participate and help manage complex projects / programs from envisioning through design, development and implementation
- Ensure appropriate monitoring and alerting tools are in place and operating appropriately
- Ensure our Directories (LDAP and AD) maintain consistent and accurate Identity information for all Employees, Contractors, Suppliers and Customers
- Manage the integration playbooks and site used to onboard new applications, platforms and federations
- Own backlog and ensure the work items are well understood, testable and completed on time
- Test new integrations and modify development configurations for new entities when necessary
- Hands on configuration and technical work to resolve issues
- Understand and work with customers and extended team to resolve technical and non-technical problems
- Identify and plan to mitigate potential technical and business risks
- Provide expertise and understanding of the Authentication landscape working with leadership to design, engineer and expand the service footprint
- Participate in planning meetings and provide guidance and expertise in support of strategic company initiatives
- Partner with other internal or supplier teams as needed (e.g. architecture, security, network, etc)
- Participate if needed in the expansion of privileged access management solutions
- Transforms business requirements into technical specifications. Designs and develops system security measures to ensure Cybersecurity is fully integrated. Validates current and future state architectural models to assess impact across all Cybersecurity technology systems.
- H.S. Diploma or GED
- 6 years Information Security, Application Security, Programming, DevOps, Cloud, Computer Science, Data Analytics, or related
- Bachelor’s Degree in Business, Information Security, or Information Technology
- 8+ years Information Security, Application Security, Programming, DevOps, Cloud, Computer Science, Data Analytics, or related
- CISSP, PMP, CEH, GIAC, CISM Certifications
- 6+ years of Identity and Access Management product management or other relevant experience desired
- Demonstrated ability to build consensus across a variety of key stakeholders as well as business and technology leaders to influence successful outcomes
- Consistent record of being results oriented with the desire and ability to achieve aggressive goals
- Experience working directly with designers, developers and QA leads to build, design and iterate on digital products and services
- Experience with SSO products (ie: Siteminder, OKTA)
- Good understanding of IAM principles, IT security needs and dev ops processes
- Excellent verbal, written and interpersonal communication skills that are relatable to all levels
- Superb planning and organizational skills
- Adaptability and multi-tasking; experience working in a fast moving environment
- Experience serving as scrum master, project manager and/or product manager on small and large scale technical applications
- Diligent, disciplined, reliable and strives for highest quality work product
- In depth directory knowledge (Active Directory, LDAP, etc)
- Strong working knowledge of authentication protocols like oAuth, SAML, Radius, TACACS, Digital certificates, Kerberos, ADFS, OpenID, FIDO & Biometrics
What are you waiting for? Apply today!
The same way we treat our employees is how we treat all applicants – with respect. Discover Financial Services is an equal opportunity employer (EEO is the law). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.