The job below is no longer available.

You might also like

in Riverwoods, IL

Use left and right arrow keys to navigate

About this job


The Application and Data Security team is a multi-functional, highly skilled team tasked with maintaining and improving the state of application security in the enterprise, including n-tier applications, thick clients & web services as well as Identifying trends in current and new web threats against our sites.

As an Application Security Engineer-Customer Digital Protection, you will work to identify web threats against our sites, engineer solutions to provide data to plan and mitigate potential risks. As part of the role, this position will leverage state of the art web threat detection tool for anomalous behavior detection and use intelligence data to drive remediation and or enhance the security posture of Discover’s websites.
You will perform risk analysis, security engineering and provide security consulting services to internal business partners and participate in a wide range of security issues and discussions focused on mitigating risks and building secure applications. You will have the opportunity to work in an innovative and diverse environment.
The ideal candidate will have in-depth understanding of common web threats, application security flaws, malicious code, understand attack methods used by cyber threat actors as well as have an understanding of threat finance, money laundering, fraud and other criminal activity.

Given the team’s role in interfacing with many areas of the organization, team members must foster good working relationships with business and IT managers to ensure the organization meets its business objectives. The candidate should possess good organization skills with the ability to exercise discretion and ingenuity to determine the proper course of action while following established standards.

Qualifications

Required:
• Bachelor’s degree in computer science, mathematics, engineering or related field and 5+ years information security experience, or Master’s degree in computer science, mathematics, engineering or related field and 2+ years information security experience.
• Experience in web threat analysis
• Experience in HTTP traffic analysis
• Scripting experience, including working with APIs (e.g., Perl, Python shell scripting)
• Knowledge of common web and mobile application risks and vulnerabilities and how they can be used to conduct eCrime.
• Very strong analysis, project management, verbal and written communication skills
• Must be able to manage multiple projects simultaneously
• Must be highly motivated and able to work effectively under minimal supervision
• Must be team-oriented, placing priority on the successful completion of team goals
• CISSP, , GIAC, CEH or other relevant information security certification
• Knowledge of one or more of the following helpful, but not required -IPS, Network Firewalls, Web Applications Firewalls.
. We are an Equal Opportunity Employer and do not discriminate against applicants due to race, ethnicity, gender, veteran status, or on the basis of disability or any other federal, state or local protected class.