Application Security Architect

Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid and merchant services.  Our worldwide team helps over 3 million companies, more than 1,300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results.  We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions.  Join our dynamic team and make your mark on the payments technology landscape of tomorrow. 

Summary of This Role

Designs applications of advanced complexity which address business functionality and performance needs, while ensuring that maximum security is applied. Incorporates both in-house and externally acquired solutions. Considered a subject matter expertise in relation to security architecture and liaises with other areas of IT in the dissemination of this information to counter threats and internal and external vulnerabilities. Applies experience in topics such as enterprise software, software and hardware configurations, authentication, authorizations, detection and countering errant codes and scripts and related matters.

What Part Will You Play?

• Applies application development understanding and includes security controls within the application pipeline for moderately complex projects. Verifies controls are adhered to.

• Reviews security architecture designs independently utilizing a strong understanding of network architecture to include recommendations drafting.

• Utilizes a strong understanding of the appropriate settings for premise or cloud based security platforms in order to build guides for the standard implementation of a given platform.

• Interprets vulnerability scanning from DAST and SAST and/or penetration test results to eliminate false positives while identifying appropriate mitigation for true issues.

• Communicates InfoSec Architectural and Application Security policies, standards and guidelines in documentation for consumption by both IT and non-IT resources.

• Utilizes a high level of industry understanding of implications of new threats and their applicability to the company, as well as options to reduce/eliminate new risk.

• Build relationships with developers, stakeholders and scrum masters to incorporate security principles into engineering design and deployments.

• Perform testing and validation in application security controls across projects.

• Oversee implementation of defensive practices and countermeasures across infrastructure and applications.

• Draft and uphold CI/CD security strategy and practices in tandem with other technical team leads.

• Support the ability to “shift left” and incorporate security early on and throughout the development lifecycle.

• Identify vulnerabilities in code through automated and manual assessments, and promote quick remediation.

• Communicate vulnerability results in a manner understood by technical and non-technical business units based on risk tolerance and threat to the business, and gain support through influential messaging.

What Are We Looking For in This Role?

Minimum Qualifications

• Bachelor's Degree

• Relevant Experience or Degree in: in Information Security or Computer Science

• Typically Minimum 4 Years Relevant Exp

• Prior experience must be as an Information Security Analyst, or related role. Strong understanding of regulatory audit requirements and developing the appropriate solutions to address findings. Degree strongly preferred; however, additional 4 years related experience may be considered in lieu of a degree.

• One or more of the following (or similar) - eWPTX, OSWE, CISSP, CEH, CISA, CISM, PCI-QSA, PA-QSA, PCIP, CRISC, Security +, CGEIT, CCSP

• Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle (SLDC).

Preferred Qualifications

• Typically Minimum 6 Years Relevant Exp

• Prior experience must be as an Information Security Analyst, Security focused Network Admin/Engineer or Systems Admin/Engineer. Understanding of regulatory requirements and solutions design to meet said requirements.

• Preferably some experience with operations and security across Amazon Web Services (AWS), Microsoft Azure or Google Cloud Platform (GCP).

What Are Our Desired Skills and Capabilities?

• Skills / Knowledge - A seasoned, experienced professional with a full understanding of area of specialization; resolves a wide range of issues in creative ways. This job is the fully qualified, career-oriented, journey-level position.

• Job Complexity - Works on problems of diverse scope where analysis of data requires evaluation of identifiable factors. Demonstrates good judgment in selecting methods and techniques for obtaining solutions. Networks with senior internal and external personnel in own area of expertise.

• Supervision - Normally receives little instruction on day-to-day work, general instructions on new assignments.

• Network Engineering/Architecture - Maintains an understanding of TCP/IP network connectivity, subnet segmentation, security zones, secure ports/protocols, network authentication/authorization, security tools and their applicability (WAF, IPS, Sandbox, etc.).

• Systems Engineering/Architecture - Maintains an understanding of Operating system infrastructure, including Windows, Linux, containers, container orchestration and Virtual Machines. Must understand system authentication options, user rights within systems, user authentication/authorization, least privilege, Group Policy, Automation tooling (Puppet, chef, ansible) and local security agents/tools (Anti-Virus, Whitelisting, forensics, firewall, etc.)

• Encryption/Cryptography - Understands the use of digital certificates, root certificate trust, and how to encrypt/decrypt network traffic. Recognizes data that must be encrypted at rest, and how to assure encryption key processes meet policy and regulatory requirements.

Global Payments Inc. is an equal opportunity employer. Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. If you wish to request reasonable accommodations related to applying for employment or provide feedback about the accessibility of this website, please contact jobs@globalpay.com.