Senior Open-Source Security Engineer

You deserve to do what you love, and love what you do a career that works as hard for you as you do. At Fiserv, we are more than 40,000 #FiservProud innovators delivering superior value for our clients through leading technology, targeted innovation and excellence in everything we do.

You have choices if you strive to be a part of a team driven to create with purpose, now is your chance to Find your Forward with Fiserv.

Responsibilities

Requisition ID R-10337337 Date posted 07 / 11 / 2024 End Date 09 / 02 / 2024 City Alpharetta State / Region Georgia Country United States Additional Locations Berkeley Heights, New Jersey;

Columbus, Ohio; Coral Springs, Florida; Omaha, Nebraska Location Type Onsite

Calling all innovators find your future at Fiserv.

We’re Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants, and consumers to one another millions of times a day quickly, reliably, and securely.

Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we’re involved. If you want to make an impact on a global scale, come make a difference at Fiserv.

Job Title

Senior Open-Source Security Engineer

What does a successful Senior Open-Source Security Engineer do at Fiserv?

In this role, you will utilize your experience with Sonatype to empower secure and fast software innovation by providing comprehensive insights and controls over open-source components.

You will design, implement, and maintain security measures for open-source software that is integral to Fiserv’s global supply chain footprint.

What you will do :

• Collaborate with development teams to integrate security best practices into the software development lifecycle
• Monitor and manage vulnerabilities discovered, including tracking and prioritizing remediation efforts
• Ensure the security and compliance of open-source components used in development
• Perform vulnerability scans, review output, provide initial analysis and remediation
• Work closely with development teams to integrate security into the software development lifecycle (SDLC) using insights from Sonatype
• Automate security processes and integrate them into CI / CD pipelines
• Integrate and manage Sonatype tools (e.g., Nexus Repository, Nexus Lifecycle) within the software development lifecycle
• Be the team SME while showcasing your experience with Sonatype tools like Nexus Repository and Nexus Lifecycle

What you will need to have :

• 6+ years of experience working in an enterprise IT environment working with vulnerability management and scanning tools
• 3+ years of software development experience or security-related engineering, along with DevOps and automation experience
• 3+ years of experience with Sonatype tools like Nexus Repository and Nexus Lifecycle
• Must meet requirements to obtain and maintain 2C and 6C government clearance
• Bachelor's degree in a related field or an equivalent combination of education, military, and work experience

What would be great to have :

• Experience with cloud platforms (e.g., AWS, Azure, GCP).
• Certifications in security or DevOps (e.g., CISSP, AWS Certified DevOps Engineer)
• Experience with containerization and orchestration tools (e.g., Docker, Kubernetes)
• Knowledge of programming languages such as Python, Java, or C++.
• Familiarity with web application security principals and common vulnerabilities inkling OWASP Top Ten

Important info about this role :

All offers of employment are contingent on standard background checks. Fiserv and certain of its affiliated companies are federal, state and / or local government contractors.

Should this position support a Federal Government contract, now or in the future, the successful candidate will be subject to a background check conducted by the U.

S. Government to determine eligibility and suitability for federal contract employment for public trust or sensitive positions.

Positions that support state and / or local contracts also may require additional background checks to determine eligibility and suitability

This role is not eligible to be performed in Colorado, California, District of Columbia, Hawaii, Maryland, New York or Washington.

Please note that salary ranges provided for this role on external job boards are salary estimates made by outside parties and may not be accurate.

• Apply using your legal name
• Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).

What you should know about us :

Fiserv is a global leader in payments and financial technology with more than 40,000 associates proudly serving clients in more than 100 countries.

As one of Fortune® magazine's "World's Most Admired Companies™" 9 of the last 10 years, one of Fast Company’s Most Innovative Companies, and a top scorer on Bloomberg’s Gender-Equality Index, we are committed to innovation and excellence.

Our commitment to Diversity and Inclusion :

Fiserv is an Equal Opportunity Employer, and we welcome and encourage diversity in our workforce that reflects our world.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by law.

Warning about fake job posts :

Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and / or to steal money or financial information.

Any communications from a Fiserv representative will come from a legitimate business email address. We will not hire through text message, social media, or email alone, and any interviews will be conducted in person or through a secure video call.

We won’t ask you for sensitive information nor will we ask you to pay anything during the hiring process. We also won’t send you a check to cash on Fiserv’s behalf.

If you see suspicious activity or believe that you have been the victim of a job posting scam, you should report it to your local FBI field office or to the FBI’s Internet Crime Complaint Center.

Benefits

Medical, Vision and Dental Benefits

Comprehensive benefit plans to suit your unique needs

Fuel Your Life Wellness Program

Resources to elevate your well-being

401k, Employee Stock Purchase Plans and Incentives & Bonuses

When Fiserv performs well, so does your financial health

Employee Resource Groups

Celebrating inclusion in the workplace

Paid Time Away

Providing the time off to manage personal needs