Shift4 is boldly redefining commerce by simplifying complex payments ecosystems across the world. As the leader in commerce-enabling technology, Shift4 powers billions of transactions annually for hundreds of thousands of businesses in virtually every industry. For more information, visit shift4.com As part of our continued growth, we're looking for an Information Security Architect. Key Roles and Responsibilities:
* Play key role in product & system design, reviews and solution architecture, and provide security guidelines, all in a highly regulated ecosystem.
* Control and manage mitigation plan implementation as part of the above security guidelines
* Identify, research, explore, and lead the evaluation and implementation of new security controls for the required business projects
* Work closely with the product team to enhance Finaro’s product security
* Work with IT teams on new innovative infrastructure projects, including VM environments, network infrastructure, storage systems, DB platforms, and cloud environments, and provide security guidance for all related fields and layers respectively
* Work with R&D teams to enhance application security within Finaro software
Requirements: * Experience as an information security architect in a financial company
* At least 3-5 years in Information Security roles
* Experience in leading Information Security projects from initiation to delivery, including RFI/RFP phases, SOW definition, plan, integration, and full delivery
* Experience with OS security, mainly Linux
* Experience with information security systems including Network firewalls, IDS/IPS, WAF, Multi-Factor Authentication platforms, VPN systems, Central anti-virus systems, etc.
* Experience with cloud infrastructure/cloud security (mainly AWS)
* Experience with open-source tools and platforms
* Excellent English (both speaking and writing) Advantages:
* Required: CCNA, advantage: CISSP and/or CSSLP certification
* Experience with web & application security, familiar with OWASP frameworks, solutions and initiatives
* Experience with database security, mainly Oracle, MySql, and PostgreSQL
* Experience with security projects such as Static Code Analysis, DB Firewall, and CASB implementations
* Experience with offensive security and penetration testing tools
This position is open to all candidates.