Senior Open-Source Security Engineer

Calling all innovators – find your future at Fiserv.We’re Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants, and consumers to one another millions of times a day – quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we’re involved. If you want to make an impact on a global scale, come make a difference at Fiserv.Job TitleSenior Open-Source Security EngineerWhat does a successful Senior Open-Source Security Engineer do at Fiserv?In this role, you will utilize your experience with Sonatype to empower secure and fast software innovation by providing comprehensive insights and controls over open-source components. You will design, implement, and maintain security measures for open-source software that is integral to Fiserv’s global supply chain footprint.What you will do:

Collaborate with development teams to integrate security best practices into the software development lifecycle

Monitor and manage vulnerabilities discovered, including tracking and prioritizing remediation efforts

Ensure the security and compliance of open-source components used in development

Perform vulnerability scans, review output, provide initial analysis and remediation

Work closely with development teams to integrate security into the software development lifecycle (SDLC) using insights from Sonatype

Automate security processes and integrate them into CI/CD pipelines

Integrate and manage Sonatype tools (e.g., Nexus Repository, Nexus Lifecycle) within the software development lifecycle

Be the team SME while showcasing your experience with Sonatype tools like Nexus Repository and Nexus Lifecycle

What you will need to have:

6+ years of experience working in an enterprise IT environment working with vulnerability management and scanning tools

3+ years of software development experience or security-related engineering, along with DevOps and automation experience

3+ years of experience with Sonatype tools like Nexus Repository and Nexus Lifecycle

Must meet requirements to obtain and maintain 2C and 6C government clearance

Bachelor's degree in a related field or an equivalent combination of education, military, and work experience

What would be great to have:

Experience with cloud platforms (e.g., AWS, Azure, GCP).

Certifications in security or DevOps (e.g., CISSP, AWS Certified DevOps Engineer)

Experience with containerization and orchestration tools (e.g., Docker, Kubernetes)

Knowledge of programming languages such as Python, Java, or C.

Familiarity with web application security principals and common vulnerabilities inkling OWASP Top Ten

Important info about this role:

All offers of employment are contingent on standard background checks. Fiserv and certain of its affiliated companies are federal, state and/or local government contractors. Should this position support a Federal Government contract, now or in the future, the successful candidate will be subject to a background check conducted by the U.S. Government to determine eligibility and suitability for federal contract employment for public trust or sensitive positions. Positions that support state and/or local contracts also may require additional background checks to determine eligibility and suitability

This role is not eligible to be performed in Colorado, California, District of Columbia, Hawaii, Maryland, New York or Washington.Please note that salary ranges provided for this role on external job boards are salary estimates made by outside parties and may not be accurate.Thank you for considering employment with Fiserv. Please:

Apply using your legal name

Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).

What you should know about us:Fiserv is a global leader in payments and financial technology with more than 40,000 associates proudly serving clients in more than 100 countries. As one of Fortune ® magazine's "World's Most Admired Companies™" 9 of the last 10 years, one of Fast Company’s Most Innovative Companies, and a top scorer on Bloomberg’s Gender-Equality Index, we are committed to innovation and excellence.Our commitment to Diversity and Inclusion:Fiserv is an Equal Opportunity Employer, and we welcome and encourage diversity in our workforce that reflects our world. All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by law.We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.Warning about fake job posts:Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information.Any communications from a Fiserv representative will come from a legitimate business email address. We will not hire through text message, social media, or email alone, and any interviews will be conducted in person or through a secure video call. We won’t ask you for sensitive information nor will we ask you to pay anything during the hiring process. We also won’t send you a check to cash on Fiserv’s behalf.If you see suspicious activity or believe that you have been the victim of a job posting scam, you should report it to your local FBI field office or to the FBI’s Internet Crime Complaint Center.