Security Solution Architect
Verifone
Why Verifone
For more than 30 years Verifone has established a remarkable record of leadership in the electronic payment technology industry. Verifone has one of the leading electronic payment solutions brands and is one of the largest providers of electronic payment systems worldwide.
Verifone has a diverse, dynamic and fast paced work environment in which employees are focused on results and have opportunities to excel. We take pride in the fact that we work with leading retailers, merchants, banks, and third party partners to invent and deliver innovative payments solution around the world. We strive for excellence in our products and services, and are obsessed with customer happiness. Across the globe, Verifone employees are leading the payments industry through experience, innovation, and an ambitious spirit. Whether it’s developing the next platform of secure payment systems or searching for new ways to bring electronic payments to new markets, the team at Verifone is dedicated to the success of our customers, partners and investors. It is this passion for innovation that drives each one of our employees for personal and professional success.
What's exciting about the role
As a Security Architect you will be working alongside the development teams to provide best in class security council and architecture. You will be setting the standards and guidelines to ensure Verifone meets the PCI regulatory standards and any other security industry standards both global and regional.
Main responsibilities:
- Develop the security criteria for the Verifone SDLC
- Continuously reviewing and improving the Verifone SDLC to ensure our code remains secure and PCI compliant
- Collaborating with software development teams preparing for PCI Audits
- Providing technical direction, defining technical and coding standards
- Perform application vulnerability assessments and evaluations
- Organizing and reviewing penetration testing with 3rd parties for development teams as and when needed
- Reviewing architectural designs to ensure they meet security standards and providing the security sign off
- Creating architectural blueprints and technical documentation, demonstrating prototypes through hands-on development (where possible)
- Analyzing the industry innovation trends and combining existing technologies with new tools and processes that ensure continuous code security
- Explore new threats, attack methods, and techniques
- Attending PCI Council meetings
Skills and Experience we desire
- More than 5 years of experience in the payments security domain within a software application space.
- Proven experience as a Security Architect or similar role within a financial services environment.
- Strong understanding of security by design principles and IT risk management.
- Demonstrate knowledge of PCI Standards used within the payments space.
- Excellent communication skills with the ability to articulate complex security concepts to a broad range of technical and non-technical stakeholders.
- Experience with OWASP Top10 or SANS Top 25
- Experience breaking down complex systems and applications to identify threats
- Relevant certifications (e.g., CISSP, CISM, SABSA, TOGAF) are highly desirable.
Knowledge of the following:
- Different coding languages .NET, Java, NodeJS, C, C++
- DevSecOps, AWS Cloud Native, CI/CD, containerization
- Financial System messaging systems
- Microservices architecture, Client/Server Architecture, REST APIs and API Gateways etc.
- Streaming mechanisms – Kafka or other queuing architecture
- Databases– MongoDB, Redis any SQL Database
Our commitment
Verifone is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Verifone is also committed to compliance with all fair employment practices regarding citizenship and immigration status.