Senior Security Engineer

Company: Fiserv
Location: Sunnyvale
Posted on: June 22, 2022

Job Description:

What you will do as an Application Security Engineer:Develop, configure and implement tooling to support DevSecOps processes including SAST, DAST, IAST, and SCA, in partnership with DevOps.Establish application security standards and guidelines for developers.Establish and audit cloud infrastructure security standards.Evaluate application architectures for security related concerns.Champion and enable security-related activities in the software engineering process (e.g., threat modeling, secure coding practices).Assess infrastructure, web and application environments to help identify, and prioritize risks and vulnerabilities.Manage vulnerability backlog, partnering with Product and Engineering to ensure issues are addressed in accordance with SLA.Perform and/or facilitate external audit of cloud architecture specific to security.Perform red team exercises, including internal pen-tests on web applications and infrastructure, and internal social engineering exercises.Basic Qualifications for Consideration:5+ years of experience in application security ideally from a software or architecture background.Strong understanding of SAST, IAST, DAST, and SCA tooling in support of DevSecOps.Significant experience with securing cloud architectures preferably in GCP.Experience with performing security architecture and design reviews.Experience implementing a vulnerability management program.Experience with coding/scripting.Experience with threat modeling (STRIDE, DREAD, etc.)Demonstrable experience building strong working relationships with Product, Engineering, Infosec, and GRC.Experience with running or participating in bug bounty programs. -

Keywords: Fiserv, Sunnyvale , Senior Security Engineer, Engineering , Sunnyvale, California