About your role:
Fiserv delivers technology solutions that enable secure, efficient financial services for clients worldwide. The Cyber Application Security team focuses on safeguarding application-level assets across development and production environments. In this role you will design and operationalize application security controls to protect client data and support secure product delivery.
What you’ll do:
- Design, implement, and maintain application security strategies, standards, and frameworks across product lines.
- Perform security assessments, threat modeling, and secure code reviews to identify and remediate vulnerabilities.
- Lead the development and execution of SCA, runtime vulnerability, and CI/CD/pipeline security programs.
- Integrate security tooling into CI/CD pipelines and collaborate with engineering teams to enforce secure development practices.
- Triage and respond to application security incidents, perform root cause analysis, and drive corrective actions.
- Configure and manage application security tools (SCA, DAST, SAST, runtime monitoring) and validate their effectiveness.
- Partner with cloud, platform, and DevOps teams to secure cloud-native workloads, containers, and IaC.
- Responsibilities listed are not intended to be all-inclusive and may be modified as necessary.
Experience you’ll need to have:
- 10+ years of experience in application security architecture, threat modeling, and secure coding frameworks (OWASP Top 10, threat modeling methodologies).
- 10+ years of experience in vulnerability management and open-source risk management including hands-on use of SCA tools such as Sonatype Lifecycle.
- 8+ years of experience securing CI/CD pipelines and build systems (Jenkins, GitLab CI, Azure DevOps).
- 8+ years of experience with cloud platform security (AWS, Microsoft Azure, Google Cloud Platform) and cloud-native security controls.
- 8+ years of experience in container and runtime security, including Docker, Kubernetes, and runtime protection/observability tools (e.g., Dynatrace, Falco).
- 6+ years of experience in Infrastructure as Code (Terraform, CloudFormation) scanning and IaC security tooling (Checkov, tfsec).
- 6+ years of experience in server/OS administration and logging/monitoring (Linux/Unix/Windows, SIEM/Splunk, centralized logging).
- 1+ year of Fiserv systems experience.
- 6+ years of equivalent combination of educational background, related experience, and/or military experience.
Experience that would be great to have:
- Program leadership experience building and scaling DevSecOps or application security programs across multiple product teams.
- Hands-on experience with Sonatype Lifecycle, Dynatrace, Checkov, and Git-based CI/CD platforms in production.
- Familiarity with compliance frameworks and controls relevant to payments and financial services (PCI DSS, SOC 2, ISO 27001).
- Certifications such as CISSP, CISM, OSCP, or equivalent technical/security certifications.
- Demonstrated cross-functional leadership and executive communication experience to influence engineering and product stakeholders.
How you’ll work:
- This role is on-site Monday through Friday. Fiserv considers in-person collaboration to be an essential part of this role, as in-person office experiences help you with your overall onboarding experience and lead to stronger productivity.
- This role requires the use of a computer and audio equipment.
Travel:
- Approximately 0% travel off-site or to other office locations is expected.
Sponsorship:
- You must currently possess valid and unrestricted U.S. work authorization to be considered for this role. Individuals with temporary visas including, but not limited to, F-1 (OPT, CPT, STEM), H-1B, H-2, or TN, or any candidate requiring sponsorship, now or in the future, will not be considered for this role.
Benefits at Fiserv:
- Fuel Your Life program to support physical, financial, social, and emotional well-being
- Paid holidays and generous time away policies
- No-cost mental health support through Employee Assistance Programs
- Living Proof program to recognize your peers’ extra effort with points used for rewards
- Eight Employee Resource Groups to foster a collaborative culture
- Unparalleled professional growth with training, development, and internal mobility opportunities
- Retirement planning and discounted shares with the Employee Stock Purchase Plan
- Medical, dental, vision, life, and disability insurance options available day one
- Tuition assistance and reimbursement program
- Paid parental, caregiver, and military leave
 R-10375694