Discover. A more rewarding way to work.
At Discover Financial Services, you’ll find yourself in the company of some of the industry’s smartest and most reliable professionals. And at a company that rewards dedication, values innovation and supports growth.
Thrive in an environment that promotes teamwork and shared success. Build on a foundation of mutual respect. Join the company that understands rewarding careers like no other, with this exceptional opportunity:
The primary role of a Security Consultant is to support BT Information Security and Technology Risk (BT-ISTR) by providing security consulting and advisory services to internal customers and project teams. The Security Consultant must be able to understand business/technical requirements and be able to identify, document, and prioritize security-related requirements to promote secure system designs and facilitate delivery of information security services throughout the system development life cycle.
The Security Consultant will also be expected to identify and propose solutions that effectively balance the business benefit with the security risk and be able to clearly articulate these solutions to both project teams as well as other information security teams to provide awareness of upcoming business initiatives. The individual must also perform high level security assessments of information systems and infrastructure, escalate critical technical or risk decisions when necessary, and partner with other information security resources to aid in the delivery of secure enterprise solutions.
Primary responsibilities will include the following:
- Define and provide pragmatic security guidance and recommendations that balance business benefit and security risk
- Work and communicate effectively with technical teams and project managers
- Participate in project work groups as needed for technical consulting
- Enhance workflow processes for project engagement, requirements gathering, documentation and communication
- Collaborate with other security subject matter experts to identify and implement appropriate security controls
- Identify changes in business strategy to assess potential impact to the Information Security program
- Provide formal knowledge and information sharing to other BT-ISTR teams
- Mentor other team members to ensure consistent delivery of high quality results
- Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to required standards and processes.
Secondary responsibilities may include, but are not limited to, the following:
- Provide subject matter technical expertise to the PCI programs
- Evaluation of ISS pre-assessments and other EIS Service Catalog requests
- Other duties as assigned
- Bachelor’s Degree (Preferably in a Technology centric discipline) or equivalent work experience
- 5+ years of Information Security architecture or technical security experience
- Strong understanding of Discover infrastructure and internal processes preferred
- Excellent writing, verbal communication, and presentation skills required
- Strong Understanding of IT Security Best Practices
- Familiarity with many different network architectures, network services, system types, development platforms and software suites (e.g. Linux/AIX, Windows, Cisco, Oracle, Websphere, Hadoop, Teradata, etc.)
- Familiarity with various security concepts and technologies including firewalls, VPN, IDS/IPS, anti-malware, encryption algorithms, SIEM, authentication/authorization (e.g. Kerberos, SAML, OAuth, PKI, etc.)