What does a successful Senior Information Security Professional do?
As a Senior Information Security Professional on our Security Governance team, you will play a strategic part in enhancing our enterprise security posture. We're looking for candidates with whom can operate independently, lead cross-functional initiatives, and bring deep expertise in infrastructure vulnerabilities, cloud platforms, and network security.
You will be responsible for ensuring vulnerabilities are promptly identified, triaged, tracked, and remediated, while collaborating with global stakeholders to drive remediation and improve systemic hygiene.
What you will do:
- Lead the coordinated disclosure / bug bounty program, working with researchers and internal teams to address reported vulnerabilities.
- Apply expertise in infrastructure vulnerabilities, cloud platforms, and network security technologies (e.g., Firewalls, WAF).
- Track and follow up on findings with asset owners to ensure timely remediation or proper exception handling.
- Provide dashboards and reports to senior management on vulnerability status and remediation progress.
- Deliver data-driven insights to support audits, risk assessments, and executive reporting.
- Collaborate with cross-functional teams to embed security governance into IT and business processes.
- Mentor team members and contribute to governance program development and best practices.
What you will need to have:
- 4+ years of experience in information security or cybersecurity, with a focus on governance and compliance.
- Strong knowledge of NIST Cybersecurity Framework, NIST SP 800-40, CIS Critical Security Controls, PCI DSS, and related standards.
- Experience with industry-standard enterprise vulnerability scanning tools such as Qualys or Tenable, and Attack Surface Management platforms.
- Experience with tools such as WIZ and SNVR to assess and manage security risks.
- Proficiency in Power BI, SQL, or similar data analytics tools.
- Strong leadership, communication, and organizational skills, with the ability to collaborate effectively with cross-functional stakeholders.
- Demonstrated attention to detail, especially when tracking vulnerabilities, managing exceptions, and reporting to senior leadership.
What would be nice to have:
- Certificate in CISSP, Security+, or CISM (Candidates without these certifications must demonstrate a commitment to earning one within 12 months of hire).
Perks at Work:
- We’re #FiservProud of our commitment to your overall well-being with a growing offering of physical, mental, emotional, and financial benefits from day one.
- Maintain a healthy work-life balance with paid holidays, generous time off policies, including Recharge & Refuel time for qualifying associates, and free counseling through our EAP.
- Plan for your future with competitive salaries, the Fiserv 401(k) Savings Plan, and our Employee Stock Purchase Plan.
- Recognize and be recognized by colleagues with our Living Proof program where you can exchange points for a variety of rewards.
- Prioritize your health with a variety of medical, dental, vision, life and disability insurance options and a range of well-being resources through our Fuel Your Life program.
- Advance your career with training, development, certification, and internal mobility opportunities.
- Join Employee Resource Groups that promote our diverse and inclusive culture where associates can share perspectives, exchange ideas, and elevate careers.
R-10368636
