Sr Cybersecurity Analyst
Discover. A more rewarding way to work.
At Discover Financial Services, you’ll find yourself in the company of some of the industry’s smartest and most reliable professionals. And at a company that rewards dedication, values innovation and supports growth.
Thrive in an environment that promotes teamwork and shared success. Build on a foundation of mutual respect. Join the company that understands rewarding careers like no other, with this exceptional opportunity:
As part of the Cybersecurity Assurance & Compliance Organization, you will be responsible for all facets of the Assurance & Compliance assessment processes, including Payment Card Industry (PCI) Data Security Standard (DSS). These annual assessment processes are used to provide assurance to business & network partners that the technologies which comprise Payment Services’ card payment processing environment, Card, Loans etc have been secured in accordance with current data security standards. This person is expected, when necessary, to assess applications or technologies identifying gaps and potential threat. This person must be a strong communicator and comfortable collaborating with all levels of management as well as the business, infrastructure, engineering, architecture, operations and application teams.
Lead security assessments of applications and/or technologies, when necessary, to identify gaps and potential threat.
- Facilitate assessments meetings between external assessors and Business Technology teams (Application Development, Infrastructure, Cybersecurity, etc.).
- Communication of non-compliant gaps to impacted technology teams.
- Collecting artifacts / evidence which supports compliance requirements, including PCI. Packaging and delivery of artifacts to external assessors.
- Oversee and track remediation efforts of identified gaps to completion.
- Ensure new, in-scope applications are deployed in a compliant manner.
- Act as subject matter expert for business technology and business partners for security compliance related matters. Provide security compliance consulting services as needed.
- Liaison between Business Technology teams and external assessors.
- Maintain accurate information and support departmental metrics and KRI reporting.
- Communicate monthly program status to business partners.
- Participate in initiatives to enhance and/or evolve Compliance programs.
- Perform review / quality control activities on reports from compliance programs.
- Maintain PCI Information Security Auditor (ISA) certification on annual basis.
- Bachelor’s degree or equivalent experience.
- 3+ years’ experience in information security or technology audit, preferably in Financial Services.
- Prior experience of security assessments of systems, applications at any level is a plus.
- Knowledge of IS Risk Frameworks and Standards (PCI-DSS, NIST 800-53, ISO 27000 series, NIST Cybersecurity Framework).
- Ability to understand and apply data security requirements, including PCI, to technologies used in Discover.
- Familiar with most technology infrastructure components (Unix/Linux, Windows, Middleware, Mainframe, Storage, Networking, etc.).
- Familiarity with Data Warehouse technologies and processes (Teradata, Hadoop, Data Services).
- Have excellent communication skills and be able to articulate complicated situations in a precise and concise manner.
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.