Sr. Manager, Secure Software Supply Chain

Calling all innovators find your future at Fiserv.

Were Fiserv a global leader in Fintech and payments and we move money and information in a way that moves the world. We connect financial institutions corporations merchants and consumers to one another millions of times a day quickly reliably and securely. Any time you swipe your credit card pay through a mobile app or withdraw money from the bank were involved. If you want to make an impact on a global scale come make a difference at Fiserv.

Job Title

About your role:
Fiserv delivers technology solutions that enable secure efficient financial services for clients worldwide. The Cyber Application Security team focuses on safeguarding application-level assets across development and production this role you will design and operationalize application security controls to protect client data and support secure product delivery.

What youll do:

• Design implement and maintain application security strategies standards and frameworks across product lines.
• Perform security assessments threat modeling and secure code reviews to identify and remediate vulnerabilities.
• Lead the development and execution of SCA runtime vulnerability and CI/CD/pipeline security programs.
• Integrate security tooling into CI/CD pipelines and collaborate with engineering teams to enforce secure development practices.
• Triage and respond to application security incidents perform root cause analysis and drive corrective actions.
• Configure and manage application security tools (SCA DAST SAST runtime monitoring) and validate their effectiveness.
• Partner with cloud platform and DevOps teams to secure cloud-native workloads containers and IaC.
• Responsibilities listed are not intended to be all-inclusive and may be modified as necessary.

Experience youll need to have:

• 10 years of experience in application security architecture threat modeling and secure coding frameworks (OWASP Top 10 threat modeling methodologies).
• 10 years of experience in vulnerability management and open-source risk management including hands-on use of SCA tools such as Sonatype Lifecycle.
• 8 years of experience securing CI/CD pipelines and build systems (Jenkins GitLab CI Azure DevOps).
• 8 years of experience with cloud platform security (AWS Microsoft Azure Google Cloud Platform) and cloud-native security controls.
• 8 years of experience in container and runtime security including Docker Kubernetes and runtime protection/observability tools (e.g. Dynatrace Falco).
• 6 years of experience in Infrastructure as Code (Terraform CloudFormation) scanning and IaC security tooling (Checkov tfsec).
• 6 years of experience in server/OS administration and logging/monitoring (Linux/Unix/Windows SIEM/Splunk centralized logging).
• 1 year of Fiserv systems experience.
• 6 years of equivalent combination of educational background related experience and/or military experience.

Experience that would be great to have:

• Program leadership experience building and scaling DevSecOps or application security programs across multiple product teams.
• Hands-on experience with Sonatype Lifecycle Dynatrace Checkov and Git-based CI/CD platforms in production.
• Familiarity with compliance frameworks and controls relevant to payments and financial services (PCI DSS SOC 2 ISO 27001).
• Certifications such as CISSP CISM OSCP or equivalent technical/security certifications.
• Demonstrated cross-functional leadership and executive communication experience to influence engineering and product stakeholders.

How youll work:

• This role is on-site Monday through Friday. Fiserv considers in-person collaboration to be an essential part of this role as in-person office experiences help you with your overall onboarding experience and leads to stronger productivity.
• This role requires the use of a computer and audio equipment.

Travel:

• Approximately 0% travel off-site or to other office locations is expected.

Sponsorship:

• You must currently possess valid and unrestricted U.S. work authorization to be considered for this role. Individuals with temporary visas including but not limited to F-1 (OPT CPT STEM) H-1B H-2 or TN or any candidate requiring sponsorship now or in the future will not be considered for this role.

Benefits at Fiserv:

• Fuel Your Life program to support physical financial social and emotional well-being
• Paid holidays and generous time away policies
• No-cost mental health support through Employee Assistance Programs
• Living Proof program to recognize your peers extra effort with points used for rewards
• Eight Employee Resource Groups to foster a collaborative culture
• Unparalleled professional growth with training development and internal mobility opportunities
• Retirement planning and discounted shares with the Employee Stock Purchase Plan
• Medical dental vision life and disability insurance options available day one
• Tuition assistance and reimbursement program
• Paid parental caregiver and military leave

This role is not eligible to be performed in Colorado California District of Columbia Hawaii Illinois Maryland Minnesota New Jersey New York Nevada Rhode Island or Washington.

It is unlawful to discriminate against a prospective employee due to the individuals status as a veteran.

Please note that salary ranges provided for this role on external job boards are salary estimates made by outside parties and may not be accurate.

Thank you for considering employment with Fiserv. Please:

• Apply using your legal name
• Complete the step-by-step profile and attach your resume (either is acceptable both are preferable).

Our commitment to Equal Opportunity:

Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race color religion national origin gender gender identity sexual orientation age disability protected veteran status or any other category protected by law.

If you have a disability and require a reasonable accommodation in completing a job application or otherwise participating in the overall hiring process please contact. Please note our AskHR representatives do not have visibility to your application status. Current associates who require a workplace accommodation should refer to Fiservs Disability Accommodation Policy for additional information.

Note to agencies:

Fiserv does not accept resume submissions from agencies outside of existing do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions.

Warning about fake job posts:

Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address.