VP Cyber Application Security

Fiserv • Alpharetta • 6h ago

Calling all innovators - find your future at Fiserv.

We're Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants and consumers to one another millions of times a day - quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we're involved. If you want to make an impact on a global scale, come make a difference at Fiserv.

Job Title

About your role:
As a VP Cyber Application Security, you will lead and scale an enterprise application security program. You will partner with engineering and product teams to embed security into the software development lifecycle (SDLC), reduce application risk, and strengthen secure-by-design practices across modern application and API environments.

You will set the enterprise strategy and roadmap for application security, aligned to business priorities and risk tolerance, as well as lead and develop a high-performing AppSec organization (leaders, engineers, architects, and specialists), including hiring, coaching, and performance management.

In addition you will embed security requirements and controls into the SDLC, including secure design, coding standards, peer review, and release governance.

What you'll do:

Establish and mature secure architecture and threat modeling practices for applications, APIs, microservices, and cloud-native workloads.
Own the application security tooling strategy and operations (e.g., SAST, DAST, SCA, secret scanning, container/IaC scanning) and drive CI/CD integration and automation.
Drive vulnerability management processes for application findings, including severity standards, remediation SLAs, exception handling, and risk acceptance workflows.
Partner with engineering leaders to build scalable developer enablement (secure coding training, playbooks, reusable patterns, office hours, and “security champions” programs).
Provide executive-level reporting on application risk posture, trends, remediation performance, and program effectiveness using meaningful KPIs and KRIs.
Collaborate with incident response, fraud, infrastructure security, and GRC teams to ensure application risks are addressed end-to-end.
Support regulatory, audit, and client assurance needs by producing evidence, artifacts, and program documentation related to application security controls.
Influence third-party and open-source risk practices as they relate to software supply chain security.

Experience you'll need to have:

12+ years in cybersecurity and/or software engineering, with demonstrated experience building and operating an enterprise AppSec program across multiple product lines and technology stacks.
8+ years of leadership/managerial experience in application security.
8+ years of experience in SDLC practices, common vulnerabilities, and modern application architectures (APIs, microservices, cloud, containers).
8+ years of experience implementing and operationalizing AppSec tooling and integrating it into CI/CD pipelines at scale.
Bachelor's degree in computer science, Information Technology, Information Systems, or a related field (or foreign equivalent degree) or equivalent work experience.

Experience that would be great to have:

Proven ability to influence engineering and product leadership through partnership, governance, and metrics-driven decision-making.
Experience in leveraging AI or similar technologies for automating processes, improving services, and reducing SLAs.
Background in regulated environments and familiarity with common security and risk frameworks.
Experience with software supply chain security practices (SBOM, dependency governance, code signing, pipeline integrity).
Experience with penetration testing oversight and integrating findings into engineering backlogs.
Relevant certifications (e.g., CISSP, CSSLP, GIAC, or equivalent) or comparable demonstrated expertise

Important information about this role:

This role is on-site Monday through Friday. Fiserv considers in-person collaboration to be an essential part of this role as in-person office experiences help you with your overall onboarding experience and leads to stronger productivity.
You must currently possess valid and unrestricted U.S. work authorization to be considered for this role. Individuals with temporary visas including, but not limited to, F-1 (OPT, CPT, STEM), H-1B, H-2, or TN, or any candidate requiring sponsorship, now or in the future, will not be considered for this role.
This is a full-time, direct-hire position, and no contract options for unsolicited agency submissions will be considered.
All offers of employment are contingent on standard background checks. Fiserv and certain of its affiliated companies are federal, state, and/or local government contractors. Should this position support a Federal Government contract, now or in the future, the successful candidate will be subject to a background check conducted by the U.S. Government to determine eligibility and suitability for federal contract employment for public trust or sensitive positions. Positions that support state and/or local contracts also may require additional background checks to determine eligibility and suitability.

#LI-MK1

Salary Range

$168,500.00 - $271,200.00

These pay ranges apply to employees in New Jersey and New York. Pay ranges for employees in other states may differ.

It is unlawful to discriminate against a prospective employee due to the individual's status as a veteran.

For incentive eligible associates, the successful candidate is eligible for an annual incentive opportunity which may be delivered as a mix of cash bonus and equity awards in the Company’s sole discretion.

Thank you for considering employment with Fiserv. Please:

Apply using your legal name
Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).

Our commitment to Equal Opportunity:

Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law.

If you have a disability and require a reasonable accommodation in completing a job application or otherwise participating in the overall hiring process, please contact AskHR.US@fiserv.com. Please note our AskHR representatives do not have visibility to your application status. Current associates who require a workplace accommodation should refer to Fiserv’s Disability Accommodation Policy for additional information.

Note to agencies:

Fiserv does not accept resume submissions from agencies outside of existing agreements. Please do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions.

Warning about fake job posts:

Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address.