Senior Cybersecurity Engineer
Discover. A brighter future.
With us, you’ll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it — we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.
Come build your future, while being the reason millions of people find a brighter financial future with Discover.
Job Description
The Discover Security Intelligence & Incident Response Team (SIIRT) is looking for qualified professionals to join our ranks. Comprised of several sub-teams, Discover’s SIIRT group oversees all information security detection, response, and intelligence efforts for the enterprise.
SIIRT is currently in search of a senior associate to help launch our newest area, Security Platform Engineering & Development. This new group will oversee the primary data, incident, and analytic platforms that form the backbone of our cybersecurity operations. In addition to designing, building and maintaining the platform, the Security Platform Engineering & Development group will work closely with other internal cybersecurity teams to develop new tools and methodologies for detecting and investigating security incidents. To achieve these goals, we have a world-class array of data-driven technologies at our disposal. We utilize an innovative blend of commercial and home-grown solutions to ensure the best possible tools are deployed to meet our analysts’ needs.
As we continue to build out our detective platforms and capabilities, we’re looking for new team members to join us in guarding our enterprise as the last and ultimate line of defense. Ideal candidates for this position will possess at least basic knowledge of cybersecurity principles and frameworks (OWASP, NIST, MITRE, UKC, etc.), working knowledge of and a passion for development in big data platforms (Splunk, Hadoop, Elastic, etc.), a strong passion for solution development and programming concepts (development tools, frameworks, best practices, etc.), and a robust understanding of at least two of the following: operating systems, networking concepts and protocols, common security technologies (SIEM, IDS, WAF, etc.), data management principles, data science and cloud computing, knowledge of common security threats (attack vectors, vulnerabilities, exploits, etc.), endpoint security principles and solutions, and computer forensic tools.
General responsibilities include: overseeing the primary data, incident and analytic platforms for Discover’s Security Operations Center and related cybersecurity teams; contributing to the development, maintenance and optimization of robust and innovative strategic solutions by partnering with other members of the Security Platform Engineering and Development and Incident Response teams; analyzing new tools, technologies, build pipeline optimizations and process improvements to equip our analyst and incident response teams with necessary instrumentation; and maintaining documentation, reporting and telemetry data of all tools, pipelines, logic, policies and procedures.
Responsibilities:
- Oversee the primary data, incident, and analytic platforms for Discover's Security Operations Center and related cybersecurity teams
- Partner with other members of the Security Platform Engineering & Development team to analyze new tools and technologies to empower our analysts and incident responders
- Full-lifecycle development and support of home-grown security tools and solutions
- Integration and upkeep of various datasets to ensure data streams are accessible and data quality is maintained
- Analysis, monitoring, and reporting of platform operational health and stability
- Creation of visualizations and telemetry to accurately depict operational status and increase situational awareness
- Maintaining documentation of tools, logic, policies, and procedures
- Develops engineering specifications to ensure risk, compliance, and assurance efforts conform with security, resilience, and dependability requirements at the software application, system, and network environment level. Assists cybersecurity architects in the design and development of security solutions consistent with business goals and risk tolerance. Validates current and future state architectural models to assess impact across assigned Cybersecurity technology systems.
- Designs and implements solutions to align with the Cybersecurity Strategy. Ensures compliance with audit, regulatory and legal requirements. Builds and maintains effective relationships with peers and internal business partners. Manages relationships with security partners and vendors.
- Drives research innovation and continuous coverage of malicious activity in custom intelligence research tools. Correlates incident data to identify specific vulnerabilities and makes recommendations that enable expeditious remediation.
- Maintains in-depth knowledge of security trends, threats and attack techniques. Serves as the subject matter expert for supported security technologies.
Minimum Qualifications:
- Bachelor's degree in information security, information technology, or Engineering
- 2+ years of experience in information security, Computer Science, Engineering or related field
- In lieu of education, 4+ years of experience in information security, Computer Science or Engineering.
Bonus Points If You Have
- Experience in an engineering or security-related role
- Experience with big data platforms (Splunk, Hadoop, Elastic stack, etc.)
- Programming experience (Python, JavaScript, SPL, etc.)
- Exceptional organizational abilities and attention to detail
- The ability to think creatively to find elegant solutions to complex problems
- Excellent verbal and written communication skills
- The desire to work both independently and collaboratively with a larger team
- A willingness to be challenged along with a strong appetite for learning
- Previous experience with big data analytics
- Hands-on experience with common security technologies (SIEM, IDS, Firewall, WAF, etc.)
- Knowledge of common security threats, attack vectors, vulnerabilities and exploits
- Working knowledge of common operating systems and basic endpoint security principles
- Knowledge of common networking services and protocols
- Knowledge of data science, data visualization, mathematics, and/or statistics
- Previous experience creating and/or supporting tools and platforms for an operations-centric team
What are you waiting for? Apply today!
The same way we treat our employees is how we treat all applicants – with respect. Discover Financial Services is an equal opportunity employer (EEO is the law). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.