Information Security Architect Jobs

What does a successful Information Security Architect do at Fiserv?

This is a broad role that will cover many areas in Information Security, Information Risk, and Compliance. Primary responsibilities include performing security assessments and application code reviews, coordinating vulnerability remediation activities, assessing new technologies for security impacts, and management of compliance deliverables.

What you will do:

• Maintain the coordination of application and infrastructure risk mitigation and vulnerability remediation activities.
• Effectively communicating security and risk posture with technical and business audiences.
• Conducting architecture reviews and security impact assessments for technology and application development initiatives.
• Support the team’s maintenance of FISMA artifacts as required in support of multiple System Security Plans and associated compliance.
• Lead in the design and development and implementation of a Zero-Trust Architecture, and other recent executive orders, as a core part of all design and development activities.

What you will need to have:

• Managing/maintaining FISMA and HVA compliance in accordance with requirements from NIST.
• CISSP certification is required.
• Working knowledge of SIEM systems such as Splunk, LogRythm, IBM QRadar .
• Demonstrated experience collaborating directly with external clients, business leadership, and auditors.
• Direct technical background, to include familiarity with servers, network devices, and security systems.
• Must be a US citizen or have an active Resident Permit for security clearance requirements.
• 7+ years of experience working in technical information security and risk management roles.

What would be great to have:

• Splunk/Splunk ES
• Experience working in a state, local or federal government environment.
• Certifications: CISA, CISM CISSP, CCSP, Azure/AWS/Google Training and Certification
• Bachelor’s degree in a technology field, Master’s degree preferred.
• Multi-Factor Authentication
• Demonstrable understanding of Information Security and Risk Management capabilities across Windows and Linux systems, with Z/OS a plus, in the following domains:
• Defense-In-Depth
• Experience in a commercial environment implementing Cloud technologies such as Microsoft Azure, AWS, or Google Cloud
• Identity Access Management / Active Directory
• Role-Based Access /Zero-Trust Model
• Authentication and Authorization including SSO and Federation
• Governance and Compliance
• Continuous Diagnostics and Mitigation, Alerting, Audit Trail, and Incident Response
• Securing Data /Operating System
• Protecting the Network Layer

#LI-RM1