Discover. A brighter future.

　　With us, you’ll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it — we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.

　　Come build your future, while being the reason millions of people find a brighter financial future with Discover.

　　Job Description:

　　At Discover, be part of a culture where diversity, teamwork and collaboration reign. Join a company that is just as employee-focused as it is on its customers and is consistently awarded for both. We’re all about people, and our employees are why Discover is a great place to work. Be the reason we help millions of consumers build a brighter financial future and achieve yours along the way with a rewarding career.

　　The Application Security teams at DFS provides services and products for securing the software and product footprint used to run the business. As DFS business and engineering workforce has grown, our software footprint has also grown and become more heterogeneous, thus warranting next gen DevSecOps and Application security program implementation with focus on risk and compliance and app dev experience.

　　Reporting to the Head of Product Security, the Principal Cybersecurity Analyst will lead multiple functions within application security vulnerability management (AVM) and application security orchestration and correlation (ASOC). The AVM and ASOC functions are responsible for ensuring the discovery, assessment, communication, and remediation of vulnerabilities across app and product teams. This role will lead the cross-team response and operational efforts which will handle emergent vulnerabilities, create communication channels with app dev teams, form strategy for improving operational efficiencies, execute on roadmaps, and help facilitate vulnerability management program.

　　This role requires high levels of application security technical acumen, collaboration and oversight, including the effective challenge of remediation action plans, documentation of control gaps (e.g., Security Exceptions, Issues and Actions), and timely executive status reporting of overall organizational performance of application security risk management and compliance to security nonfunctional requirements. If you are still reading this and intrigued, you could be the right candidate for the role. Please see additional details below and apply today.

　　As a Principal Cybersecurity Analyst, you will optimize cybersecurity program processes and output. Principal Cybersecurity Analysts at Discover contribute to the broader program roadmap. You’ll play a key role in driving reporting accuracy and demand excellence in department deliverables. Actively manages and escalates risk and customer-impacting issues within the day-to-day role to management.

　　Responsibilities

　　Prepares department, committee, and board-level reports and presentation materials.

　　Proactively identifies and reports control deficiencies as issues within action plans.

　　Automates/enhances risk remediation workflows to reduce manual work and enforce consistency.

　　Supports financial planning processes, ensuring high value cyber initiatives are identified/prioritized.

　　Gathers and challenges data, evidence, or statuses for accuracy to achieve initiative and risk mitigation completion.

　　AppSec VM Program Ops: Implement application security vulnerability management program aligned with industry best practices for AppSec and establish/enforce security standards, policies, and procedures.

　　Collaboration and Communication: Collaborate with cross-functional teams to integrate security into the product development process and communicate security updates, risks, and strategies.

　　Team Leadership and Upliftment: Lead teams driving engineering upliftment in security practices and partner with teams on adopting the latest tools and methodologies for secure product development.

　　Developer Enablement: Lead initiatives and programs for shifting security to left and integrating AppSec into app dev workflow and processes.

　　Metrics and Reporting: Generate innovative ideas and challenge the status quo.

　　Develop scripts, automations, tools, or methodologies to enhance the team’s processes and capabilities, and reduce toil.

　　Create/update runbooks and SOP documentation.

　　Minimum Qualifications

　　At a minimum, here’s what we need from you:

　　Bachelors – Information Security, Information Technology, Analytics, Business or Project Management or related

　　6+ Years – Information Security, Information Technology, Business, Analytics, Project Management or related.

　　In lieu of a degree 8+ Years – Information Security, Information Technology, Business, Analytics, Project Management or related.

　　Internal applicants only: technical proficiency rating of proficient on the Dreyfus cybersecurity scale

　　Preferred Qualifications

　　If we had our say, we’d also look for:

　　Strong project management skills, highly organized.

　　Ability to maintain executive level reporting.

　　Strong written & verbal communication skills.

　　Ability to manage problems independently.

　　DevSecOps and AppSec background and experience would be highly desirable

　　Certifications: PMP, GIAC, CISSP, CISM, CRISC, PMP, Agile SAFe etc

　　External applicants will be required to perform a technical interview.

　　What are you waiting for? Apply today!

　　And by the way, while you're waiting to hear from us, don't forget to check out the great benefits Discover offers.

　　All Discover employees place our customers at the very center of our work. To deliver on our promises to our customers, each of us contribute every day to a culture that values compliance and risk management.

　　The same way we treat our employees is how we treat all applicants – with respect. Discover Financial Services is an equal opportunity employer (EEO is the law (https://www.dol.gov/ofccp/regs/compliance/posters/ofccpost.htm) ). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or any other characteristic protected by federal, state, or local law in consideration for a career at Discover.

　　Application Deadline:

　　The application window for this position is anticipated to close on Jan-24-2024. We encourage you to apply as soon as possible. The posting may be available past this date, but it is not guaranteed.

　　Compensation:

　　The base pay for this position generally ranges between $103,000.00 to $174,200.00. Additional incentives may be provided as part of a market competitive total compensation package. Factors, such as but not limited to, geographical location, relevant experience, education, and skill level may impact the pay for this position.

　　Benefits:

　　We also offer a range of benefits and programs based on eligibility. These benefits include:

　　Paid Parental Leave

　　Paid Time Off

　　401(k) Plan

　　Medical, Dental, Vision, & Health Savings Account

　　STD, Life, LTD and AD&D

　　Recognition Program

　　Education Assistance

　　Commuter Benefits

　　Family Support Programs

　　Employee Stock Purchase Plan

　　Learn more at MyDiscoverBenefits.com .

　　What are you waiting for? Apply today!

　　All Discover employees place our customers at the very center of our work. To deliver on our promises to our customers, each of us contribute every day to a culture that values compliance and risk management.

　　Discover is committed to a diverse and inclusive workplace. Discover is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or other legally protected status. (Know Your Rights) (https://urldefense.com/v3/__https:/www.eeoc.gov/poster__;!!MjXRb4uW6x5k!ABIVgRw0WsyX2wfQC-pKxK3V9X4h1NBUGgjO7EM8PTvp5MNRgpEuVC_jVk0fcn_ISAZjmwkbLuUIrj8mFedCBkyz$)