The IRM Security Engineer position will be responsible for: Reviewing architecture diagrams associated with the ACA to ensure that the architecture is documented in the current architecture diagram template Reviewing the architecture of existing applications and identifying security control gaps Working with the application development teams to gather additional information required as part of the review Working with the application development teams to communicate control gaps in existing applications and defining remediation plans to address the control gaps Performing analysis to identify control gaps that may be present in many of Fiserv's existing applications and raising this to the Cyber Risk Management organization Identifying opportunities to streamline and automate the architecture diagram review process (e.g. auto-populating network zones, IP addresses, mainframe, security agents, etc.) Supporting the development of APIs/Connectors to streamline and automate the architecture diagram review processBasic Qualifications for Consideration:Bachelor's degree or high school diploma/GEDMinimum of 3 years of diverse Information Technology experienceMinimum of 3 years of Information Security related experienceStrong written, verbal, and presentation skillsStrong organization skillsDemonstrated ability to drive work to completionPreferred Skills, Experience, and Education: Preferred Skills, Experience, and Education:2+ years in an application development or security architect role3+ years of strong understanding of relational database application development (SQL, MySQL, T-SQL)1+ years of experience using Governance, Risk, and Compliance (GRC) tools (e.g. Archer, Galvanize)IT/Information Security framework knowledge (i.e. NIST CSF, ISO2700x, COBIT, etc.)Working knowledge of standard security systems, applications and protocols: firewalls, proxies, endpoint controls, IDS/IPS, DLP, SIEM, TLS, File Integrity Monitoring, vulnerability assessment tools, etc
