About This Role

Discover. A brighter future.

With us, you’ll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it — we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.

Come build your future, while being the reason millions of people find a brighter financial future with Discover.

Job Description:

At Discover, be part of a culture where diversity, teamwork and collaboration reign. Join a company that is just as employee-focused as it is on its customers and is consistently awarded for both. We’re all about people, and our employees are why Discover is a great place to work. Be the reason we help millions of consumers build a brighter financial future and achieve yours along the way with a rewarding career.

This Expert level architect will be tasked with developing application security architectures, identifying, and solving capability gaps, and developing strategy that enables Discover business goals. This is a senior architect role that will partner closely with developers and application security engineers to drive secure application development practices at Discover. They will be responsible for working with product owners, engineers, and leadership to advise on the vision and roadmap for Discover’s application security strategy and capabilities. They will also provide expertise and guidance to solve application design and consulting inquiries. They must excel at communicating at all levels with the ability to build consensus across numerous stakeholders ensuring the security of Discover’s assets while enabling developer capabilities.

As a Cyber Security Architect, you will be part of the Cybersecurity Architecture Team focused on helping design, implement and mature innovative and cutting-edge security capabilities. The Cybersecurity Architecture Team champions secure by design principles into our initiatives, provides hands on technical leadership for security domains, assists with defining vision and execution of strategy aligning to business needs and is expected to help solve wide range of security challenges. The Cybersecurity Architecture Team is part of a highly collaborative Cybersecurity program and an engineering culture driven technology organization. Actively manages and escalates risk and customer-impacting issues within the day-to-day role to management.

Responsibilities

• Develop and maintain the lifecycle of reference architectures that will support the application security architecture domain.
• Partner with the application security program and application developers to support the vision and strategy roadmap to enable secure application coding practices across the enterprise.
• Ensures that application security reference architectures, processes, and policies align to business goals.
• Technical consultant for application security best practices and resolving gaps identified through the governance process.
• Creates and manages application security current and target state architectures along with a product family capability taxonomy.
• Drives adoption of new architectures by working collaboratively with product owners, engineers, and application developers.
• Collaborates with the innovation domain to identify and deliver technology evaluations.
• Accountable for the overall technical architecture of the application security product family ensuring operational excellence, security, performance efficiency, developer experience, cost optimization, and reliability in all architectures.
• Represents application security at various governance and technical architecture forums.
• Develop application security best practices and standards to be consumed by application developers.
• Demonstrates thorough understanding of cybersecurity technology portfolio, security principles and frameworks. Stays current with emerging technology evolution in cybersecurity and general technology areas, assesses against architecture gaps, overlap with existing solutions or extend capabilities to solve security concerns while considering cost
• Incorporates knowledge of business priorities, and enterprise technology priorities in building long term cybersecurity technology strategy
• Identifies, designs, updates and maintains security architecture capabilities for multiple cybersecurity domains and designs security reference architectures to mitigate potential security threats
• Employs an overall governance model for reviewing architecture across the cybersecurity, enterprise to understand impact to cybersecurity strategy, defining future-state and transition architectures, advancing strategic agendas while tracking and retiring technical debt
• Develops multi-domain level technology architecture roadmaps in alignment with cybersecurity product domain strategy and enterprise architecture strategy. Manages stakeholder relationships to communicate architecture direction and impacts to one or multiple cybersecurity product domain strategy
• Leads large or strategic cybersecurity initiatives, develops architecture deliverables which align to business objective / security risks relevant to initiative to securely enable business and benefit realization of investments
• Develops cross-domain / product value chain models and processes that supports or enables capabilities and align strategic objectives with tactical demands
• Stays current on relevant industry compliance requirements and emerging ones and incorporates them into strategic plans

Minimum Qualifications

At a minimum, here’s what we need from you:

• Bachelors – Computer Science or related
• 10+ Years – Information Security, Engineering, Business Administration, Data Analytics, Technical Architecture or related
• Internal applicants only: technical proficiency rating of expert on the Dreyfus architecture scale

Preferred Qualifications

Bonus Points If You Have:

• In-depth experience with DevOps or traditional application development.
• Experience with Spring Java, K8s, Open Shift Container Platform, or Pivotal Cloud Foundry.
• Experience in Cloud Service Providers - Amazon Web Services, Google Cloud Platform, or Microsoft Azure.
• Deep understanding of secure application coding standards and best practices.
• In-depth understanding of API security best practices and configuration.
• Experience with the Open Web Application Security Project Top 10 and remediating vulnerabilities.
• Experience with secrets management best practices and integrations within pipelines.
• Experience with remediating vulnerabilities identified through static, dynamic, and interactive code scanning engines.
• Experience with automated Continuous Integration / Continuous Delivery pipelines and shifting security left.
• Experience with Nexus Sonatype, JFrog Artifactory, and custom in-house security pipelines.
• Mobile application security experience
• Possess relevant Cybersecurity / AppDev certification

External applicants will be required to perform a technical interview.

#LI-MF1

Compensation:

Benefits:

We also offer a range of benefits and programs based on eligibility. These benefits include:

• Paid Parental Leave

• Paid Time Off

• 401(k) Plan

• Medical, Dental, Vision, & Health Savings Account

• STD, Life, LTD and AD&D

• Recognition Program

• Education Assistance

• Commuter Benefits

• Family Support Programs

• Employee Stock Purchase Plan

Learn more at MyDiscoverBenefits.com.

What are you waiting for? Apply today!

All Discover employees place our customers at the very center of our work. To deliver on our promises to our customers, each of us contribute every day to a culture that values compliance and risk management.

Discover is committed to a diverse and inclusive workplace. Discover is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or other legally protected status. (Know Your Rights)