Cyber Engineering - Advisor I. - Fiserv
Berkeley Heights, NJ
About the Job
Calling all innovators – find your future at Fiserv.
We’re Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants, and consumers to one another millions of times a day – quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we’re involved. If you want to make an impact on a global scale, come make a difference at Fiserv.
Job Title
Security Engineer (WAF)
What does a successful Security Engineer (WAF) do at Fiserv?
You will work with the “Operational Application Protection Team” where your focus is on reducing the potential impact of threats to Internet facing web application systems. You will have frequent interaction with Security Assessment, Security Operations and Cyber Security Incident Response Teams working together to identify ongoing threats to the application and develop protections for web applications utilizing state of the art cyber technologies (Web Application Firewalls, Network Firewalls, Intrusion Prevention, Network Traffic Scrubbing).
What you will do:
+ Maintain and operate Web Application Firewall Configurations
+ Perform false positive analysis on WAF events
+ Work efforts outside business-hours, when necessary, as part of on-call rotation schedule
+ Act as a front-line and escalation interface to the business, reviewing trouble tickets and executing the required actions
What you will need to have:
+ 10+ years related IT and cyber protection experience desired
+ 5+ years’ experience with maintaining cyber technologies that can protect operational web application systems, such as F5 Big IP Application Security Manager, F5 Local Traffic Manager, F5 Silverline WAF & Denial of Service (DDOS) Scrubbing systems
+ 3+ years’ experience in addressing cyber threats as related to Internet facing web applications
+ 3+ years’ experience with utilizing NIST CVE data relating to web application vulnerabilities to develop threat response actions utilizing OSI Layer 4 through 7 deep inspections
+ 2+ years’ experience with threat analysis of web application network traffic protocols and patterns
+ 1+ year experience managing and maintaining production operational systems
+ 1+ year experience using scripting or automation to reduce team workload on repetitive tasks
+ Bachelor’s degree in computer science, or a relevant field, or an equivalent combination of education, work, and/or military experience
What would be great to have:
+ Advanced degree in computer science or a related field
+ CISSP or other professional cyber certifications desirable
+ 1+ years' experience in Scripting tools like Python, Bash
+ 1 year experience in TCL and iRules, Web application vulnerabilities
+ 1 year experience in HTTP protocol and what HTTP application traffic looks like
#LI-RM1
This role is not eligible to be performed in Colorado, California, District of Columbia, Hawaii, Maryland, New York, Nevada, Rhode Island or Washington.
_Please note that salary ranges provided for this role on external job boards are salary estimates made by outside parties and may not be accurate._
Thank you for considering employment with Fiserv. Please:
+ Apply using your legal name
+ Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).
What you should know about us:
Fiserv is a global leader in payments and financial technology with more than 40,000 associates proudly serving clients in more than 100 countries. As one of Fortune _®_ magazine's "World's Most Admired Companies™" 9 of the last 10 years, one of Fast Company’s Most Innovative Companies, and a top scorer on Bloomberg’s Gender-Equality Index, we are committed to innovation and excellence.
Our commitment to Diversity and Inclusion:
Fiserv is an Equal Opportunity Employer, and we welcome and encourage diversity in our workforce that reflects our world. All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by law.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Warning about fake job posts:
Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information.
Any communications from a Fiserv representative will come from a legitimate business email address. We will not hire through text message, social media, or email alone, and any interviews will be conducted in person or through a secure video call. We won’t ask you for sensitive information nor will we ask you to pay anything during the hiring process. We also won’t send you a check to cash on Fiserv’s behalf.
If you see suspicious activity or believe that you have been the victim of a job posting scam, you should report it to your local FBI field office or to the FBI’s Internet Crime Complaint Center.
We’re Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants, and consumers to one another millions of times a day – quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we’re involved. If you want to make an impact on a global scale, come make a difference at Fiserv.
Job Title
Security Engineer (WAF)
What does a successful Security Engineer (WAF) do at Fiserv?
You will work with the “Operational Application Protection Team” where your focus is on reducing the potential impact of threats to Internet facing web application systems. You will have frequent interaction with Security Assessment, Security Operations and Cyber Security Incident Response Teams working together to identify ongoing threats to the application and develop protections for web applications utilizing state of the art cyber technologies (Web Application Firewalls, Network Firewalls, Intrusion Prevention, Network Traffic Scrubbing).
What you will do:
+ Maintain and operate Web Application Firewall Configurations
+ Perform false positive analysis on WAF events
+ Work efforts outside business-hours, when necessary, as part of on-call rotation schedule
+ Act as a front-line and escalation interface to the business, reviewing trouble tickets and executing the required actions
What you will need to have:
+ 10+ years related IT and cyber protection experience desired
+ 5+ years’ experience with maintaining cyber technologies that can protect operational web application systems, such as F5 Big IP Application Security Manager, F5 Local Traffic Manager, F5 Silverline WAF & Denial of Service (DDOS) Scrubbing systems
+ 3+ years’ experience in addressing cyber threats as related to Internet facing web applications
+ 3+ years’ experience with utilizing NIST CVE data relating to web application vulnerabilities to develop threat response actions utilizing OSI Layer 4 through 7 deep inspections
+ 2+ years’ experience with threat analysis of web application network traffic protocols and patterns
+ 1+ year experience managing and maintaining production operational systems
+ 1+ year experience using scripting or automation to reduce team workload on repetitive tasks
+ Bachelor’s degree in computer science, or a relevant field, or an equivalent combination of education, work, and/or military experience
What would be great to have:
+ Advanced degree in computer science or a related field
+ CISSP or other professional cyber certifications desirable
+ 1+ years' experience in Scripting tools like Python, Bash
+ 1 year experience in TCL and iRules, Web application vulnerabilities
+ 1 year experience in HTTP protocol and what HTTP application traffic looks like
#LI-RM1
This role is not eligible to be performed in Colorado, California, District of Columbia, Hawaii, Maryland, New York, Nevada, Rhode Island or Washington.
_Please note that salary ranges provided for this role on external job boards are salary estimates made by outside parties and may not be accurate._
Thank you for considering employment with Fiserv. Please:
+ Apply using your legal name
+ Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).
What you should know about us:
Fiserv is a global leader in payments and financial technology with more than 40,000 associates proudly serving clients in more than 100 countries. As one of Fortune _®_ magazine's "World's Most Admired Companies™" 9 of the last 10 years, one of Fast Company’s Most Innovative Companies, and a top scorer on Bloomberg’s Gender-Equality Index, we are committed to innovation and excellence.
Our commitment to Diversity and Inclusion:
Fiserv is an Equal Opportunity Employer, and we welcome and encourage diversity in our workforce that reflects our world. All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by law.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Warning about fake job posts:
Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information.
Any communications from a Fiserv representative will come from a legitimate business email address. We will not hire through text message, social media, or email alone, and any interviews will be conducted in person or through a secure video call. We won’t ask you for sensitive information nor will we ask you to pay anything during the hiring process. We also won’t send you a check to cash on Fiserv’s behalf.
If you see suspicious activity or believe that you have been the victim of a job posting scam, you should report it to your local FBI field office or to the FBI’s Internet Crime Complaint Center.
Source : Fiserv