Every day, the people of TSYS® and Netspend® improve lives and businesses around the globe through payments. We make it possible for millions of people to move money between buyers and sellers using our payments solutions including credit, debit, prepaid and merchant services. We are "People-Centered Payments", and our team has the unique opportunity to help create a world in which payments make people's lives easier and better. This is both a tremendous honor and an important responsibility for those who accept the challenge. If you are looking to make a valuable difference for people everywhere — and for yourself — we may have the right place for you.Summary of This Role
We are looking for an experienced Developer to join our SecDevOps team. Must have a passion for securing applications and pipelines, knowledge of application security risks, and a willingness to share that knowledge with development teams.
The SecDevOps engineer will implement cutting edge security technologies inside SecDevOps pipeline processes. They will identify threats and risks, document remediation's, and teach their internal customers how to implement those remediations and how to prevent them in the future.
Ultimately, the SecDevOps engineer must be able to quickly assess risks in new architectures and applications, collaborate with development teams to address those risks, and help the development teams get their features and products to Production as quickly and securely as possible.
Experience in Full Stack development in an AWS environment, and a good understanding of Front- and Back-end system security, along with pipeline and Application Security is vital.
What Part Will You Play?
- Working with Infosec teams and Product Owners to achieve alignment between information security and business change objectives
- Architect, design and provide implementation patterns of security controls throughout solution delivery lifecycle.
- Design and develop generic security patterns and guidelines to enable applications stay compliant - integrate them Application and DevOps processes and CI/CD pipelines from early stages of the lifecycle
- Evaluate and onboard security tools such as RASP, WAF, SAST, vulnerability and open source scanning into the SecDevOps life cycle for multiple tech stacks
- Contribute features to internally developed Information Security tools, and integrate those tools into the SecDevOps pipelines.
- Drive continuous improvement to both the SecDevOps pipelines and processes, and to the Information Security tools, services, and processes
What Are We looking for in This Role?
- Experience working in an agile, DevOps/SecDevOps environment
- B.S or M.S in Computer Science or other related engineering fields
- 3+ years of experience working in a Software Engineering role with a solid foundation in programming, algorithms, and software application design
- 2+ years of experience working in a Security role handling on premise and cloud infrastructures
- 3+ years of experience with security testing at scale by building and implementing static and dynamic analysis tools, integrating security into CI/CD workflows for everyday deployments
- Experience with Kubernetes, AWS, SaltStack, Docker, and Kafka.
- Experience converting feedback from security analysis tools (Threat Stack, Amazon Inspector, etc.) into infrastructure improvements
- Hands-on experience with tools and technologies used throughout secure SDLC such as AppScan, Fortify, Veracode, WhiteSource etc.
- Knowledge of common software and web application security vulnerabilities crypto primitives, authentication protocols and authorization standards such as SSL/TLS, OAuth, JWT tokens etc.
- Knowledge of cryptographic principles and practice, security attack vectors and application security vulnerabilities such as SQL Injection, Cross Site Scripting, CSRF etc.
What Are We Looking For in This Role?
Not Ready to Apply? Join Our Talent Community!!
- TSYS Minimum Qualifications
- BS in Computer Science, Information Technology, Business / Management Information Systems or related field
- Typically minimum of 6 years - Professional Experience In Coding, Designing, Developing And Analyzing Data. Typically has an advanced knowledge and use of two or more opposing front / back end languages / technologies from the following but not limited to; two or more modern programming languages used in the enterprise, experience working with various APIs, external Services, experience with both relational and NoSQL Databases
TSYS is an equal opportunity employer (EOE) committed to employing a diverse workforce and sustaining an inclusive culture. For more information about your rights, click here.
Qualified individuals with disabilities may be entitled to reasonable accommodations to assist in their pursuit of employment with TSYS. This includes assistance in completing the job application (online or otherwise) and reasonable accommodations during the hiring process. For assistance with reasonable accommodations needed to apply for a job, please contact the TSYS Pay and Benefits Center between 8 a.m. and 7 p.m. Eastern Monday-Friday at [ Phone number blocked ] - URL blocked - click to apply or [ Phone number blocked ] - || or email at [ Email removed ] - ||.
Outside of US Applicants:
TSYS is committed to diversity and equal opportunities for everyone. We are committed to ensuring that all job applicants and team members are treated equally, without discrimination because of gender, sexual orientation, marital or civil partner status, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability, age or any other characteristic prohibited by law. For more information, please refer to our Code of Business Conduct and Ethics, found here.
Web Application Security