API Security Engineer

Calling all innovators – find your future at Fiserv.

We’re Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants, and consumers to one another millions of times a day – quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we’re involved. If you want to make an impact on a global scale, come make a difference at Fiserv.

Job Title

What does a successful API Security Engineer do at Fiserv?

You will work with the “Operational Application Protection Team” where you will focus on reducing the potential impact of threats to internet facing APIs. You will have frequent interaction with Security Assessment, Security Operations and Cyber Security Incident Response teams working together to find ongoing threats to APIs. You will take the work a step past ‘identify’ and join us in developing protections for APIs using modern cyber technologies and protecting operational APIs in real-time.

What you will do:

• Maintain and run API security configurations
• Perform false positive analysis on API security events
• Design and create alerting and monitoring to ensure platform health and stability
• Be comfortable driving work efforts outside business-hours, when necessary, as part of on-call rotation schedule
• Act as a front-line and escalation interface to the business, reviewing trouble tickets and executing the required actions

What you will need to have:

• 10+ years of IT and cyber protection experience
• 5+ years of experience working on cyber threats as related to API security
• 5+ years of experience utilizing NIST CVE data relating to API vulnerabilities to develop threat response actions utilizing OSI Layer 4 through 7 deep inspections
• 5+ years of experience supporting cyber technologies that can protect operational API systems such as Traceable, Salt Security or NoName
• 3+ years of experience with threat analysis of web application network traffic protocols and patterns
• 2+ years of experience using scripting or automation to reduce team’s workload
• Bachelor’s degree in computer science, or a relevant field, or an equivalent combination of education, work, and/or military experience

What would be great to have:

• Advanced degree in computer science or a related field
• 2+ years of experience resolving network infrastructure issues
• 1+ years of experience in Scripting tools like Python and Bash
• 1+ years of experience in HTTP protocol
• CISSP or other professional cyber certification desirable

#LI-RM1

This role is not eligible to be performed in Colorado, California, District of Columbia, Hawaii, Illinois, Maryland, New York, Nevada, Rhode Island or Washington.

It is unlawful to discriminate against a prospective employee due to the individual's status as a veteran.

Please note that salary ranges provided for this role on external job boards are salary estimates made by outside parties and may not be accurate.

Thank you for considering employment with Fiserv.  Please:

• Apply using your legal name
• Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).

Our commitment to Equal Opportunity:

Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law. 

If you have a disability and require a reasonable accommodation in completing a job application or otherwise participating in the overall hiring process, please contact AskHR.US@fiserv.com. Please note our AskHR representatives do not have visibility to your application status. Current associates who require a workplace accommodation should refer to Fiserv’s Disability Accommodation Policy for additional information.

Note to agencies:

Fiserv does not accept resume submissions from agencies outside of existing agreements. Please do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions.

Warning about fake job posts:

Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address.