|Location:||Deerfield, Illinois (60015)|
|Job Type:||Full Time|
|Posted:||3 days ago|
Discover. A brighter future.
With us, you'll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it - we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.
Come build your future, while being the reason millions of people find a brighter financial future with Discover.Job Description
At Discover, be part of a culture where diversity, teamwork and collaboration reign. Join a company that is just as employee-focused as it is on its customers and is consistently awarded for both. We're all about people, and our employees are why Discover is a great place to work. Be the reason we help millions of consumers build a brighter financial future and achieve yours along the way with a rewarding career .
We are looking for an innovative Principle Cybersecurity Engineer with strong engineering skills to help deliver business outcomes. As a Principal Cybersecurity Engineer you will be part of the Application Security team focused on building and maturing frictionless DevSecOps practices and processes, with an automation first mindset, across the SDLC (Software Development Life Cycle).
The ideal candidate will have strong collaboration skills and is expected to work closely with Product Managers, Product Owners and engineers to transform business requirements into technical specifications. This individual will collaborate with the Cybersecurity Architecture team to research and design creative solutions that help mature security posture for application development teams. This individual helps explore and assesses the latest technology trends and disruptions to ensure Discover maintains and improves its cyber competitive edge.
S/he will perform cyber defense incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability and make recommendations that enable expeditious remediation.
As an Application Security Engineer, you'll leverage an extreme automation mindset to build security controls into our continuous integration and continuous deployment workflows. By learning new languages and technologies, you'll take your passion for application security to improve the developer experience at Discover and guide secure code practices and standards on our application development teams
Acts as the principal advisor to upper management in Cybersecurity matters. Ensures security improvement designs are evaluated, validated, and implemented as required. Performs cyber defense incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability
Certifies that protection and detection capabilities are acquired or developed using the Cybersecurity engineering approach and are consistent with organization-level cybersecurity architecture
Explores and assesses the latest technology trends, disruptions and security/IT service business models to ensure Business Technology maintains, and improves, organization cyber competitive edge
Works closely with management to define and promote the strategic direction of the team. Provides strong leadership and direction to team members. Provides subject matter expertise across all Cybersecurity technologies
Creates and maintains Cybersecurity technology roadmap. Ensures compliance to audit, regulatory and legal requirements. Makes recommendations that enable expeditious remediation
Builds and maintains effective relationships with peers and internal business partners, and external vendors
Oversees project implementation to ensure successful solution delivery
Researches, engineers and integrates new Cybersecurity solutions. Applies service oriented security architecture principles to meet organization's confidentiality, integrity, and availability requirements
At a minimum, here's what we need from you:
Bachelors - Computer Science or related
6+ years - Information Security, Application Security, Security Engineering or related
Internal applicants only: technical proficiency rating of proficient on the Dreyfus engineering scale
Strong application development background designing and building robust and scaleable applications with Python or similar languages.
Experience working in a DevOps environment with an automation first mindset.
Experience using Jenkins as a CI (Continous Integration) and CD (Continous Deployment) tool.
Experience using Harness as a CD (Continuous Deployment) tool
Ability to design and build full stack solutions with Python and React or Vue.js.
Strong knowledge working with container platforms such as Kubernetes and/or Openshift.
Experience with SAST (static application security testing), DAST (dynamic application security testing) and IAST (interactive application security testing) tooling.
Strong knowledge of OWASP practices
Knowledge of authentication protocols such as OAuth, OpenID Connect, SAML and PKI.
External applicants will be required to perform a technical interview
What are you waiting for? Apply today!
And by the way, while you're waiting to hear from us, don't forget to check out the great benefits Discover offers.
What are you waiting for? Apply today!
The same way we treat our employees is how we treat all applicants - with respect. Discover Financial Services is an equal opportunity employer (EEO is the law) . We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.