Cyber Security Architect
- Mentor, OH 44060, USA
Let’s face it. Everyone prefers shopping in their pajamas at home over traveling to the mall. CardinalCommerce, a Visa company, works to make online shopping as safe and easy as possible. For over two decades, we’ve been bringing merchants, issuers, and shoppers together in an experience where everybody wins. With singular focus, proven technology, and dedicated service, we are continuously raising the bar for payment authentication around the world. We put authentication first because we believe digital commerce should be safe, rewarding and engaging for everyone involved in the process.
Join us on this journey. At Cardinal, we’re a group of genuine, dependable, and hardworking people who are treated right with flexible work schedules, a fun company culture and unbeatable benefits. See why we’re one of the leading FinTech companies in Northeast OH.
The Cyber security Architect will be designing, building, testing and implementing security systems within an organization’s IT network. The Cyber security Architect is expected to have a thorough understanding of complex IT systems and stay up to date with the latest security standards, systems and authentication protocols, as well as best practice security products. Responsible for overall planning, direction and oversight of multiple projects, products, services or functions.
● Be a product security champion by driving Security Architecture and Design/implementation/optimization for Web, API and Mobile backend applications
● Engage in the initial requirements definition (including analysis of threats and risks and alignment with Visa security, Engineering, IT and Architecture standards.
● Conduct and facilitate security reviews, threat modelling including deep design reviews throughout the development lifecycle.
● Enable/build security on various platforms and technologies which protect the applications from attacks.
● Help business and Product teams to achieve various compliance certifications like PCI, FFIEC, etc.
● Identify and analyze system and application level vulnerabilities to provide recommended counter measures or mitigating controls that reduce risk to an acceptable and manageable level.
● Independently formulate direction, design or oversight for the development of major Enterprise-wide programs or plans that have significant impact on the success of the organization.
● Conduct regular system tests and ensure continuous monitoring of systems and network security.
● Review current system security measures and recommending and implementing enhancements
● Stay up to date with the latest security systems, standards, authentication protocols, and products
What we want you to have:
● Minimum of a Bachelor’s Degree in Computer Science, Information Technology, or other related field
o In lieu of degree, a high school diploma/equivalent with four or more years related experience and/or training or equivalent combination of education and experience will be considered
● 10+ years of work experience in information security and/or IT risk management with a focus on security, performance and reliability
● Strong understanding of security protocols, cryptography, authentication, authorization and security.
● Ability to interact with a broad cross-section of personnel to explain and enforce security measures.
● Experience with application design, penetration testing, application risk and risk categorization.
What we would love for you to have:
● CISSP, CEH, GCIH, and similar security certifications
● Experience with the vulnerability management lifecycle.
● Deep understanding of current compliance, regulatory and legal requirements relevant to the transaction processing industry such as PCI, HIPPA, SOX, and GLB.
● Knowledge of administrative, physical and technical controls that could be built around networks, systems and applications to secure them.
● A proven record of accomplishment in designing security controls for complex web applications with backend services expertise such as API Gateway, Identity and Access Management Services, Data Protection technologies, Security Information Event Management etc.
● Strong knowledge of deep design review and Secure Development Lifecycle methodologies, Agile based methodologies, middleware platforms, development platforms (Java, C#, .NET etc.).
● Experience working on large scale cloud-based services (including SaaS, PaaS, IaaS) and very understanding of security challenges involved in deploying Cloud Applications
● Technical experience with security technologies including, but not limited to, intrusion detection/prevention, event correlation, firewall, antivirus, anti-spam, policy enforcement, patch/configuration management, usage monitoring, audit, secure application development, etc.
This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, and reach with hands and arms. Cardinal/Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Cardinal/Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.