Application Security Engineer Specialist

Are you ready to unleash your full potential?  We’re looking for people who are passionate about payments to chart Worldpay’s path to being the largest and most-loved payments company in the world.

About the team

Our Application Security Team is dedicated to helping our development teams build secure software solutions for merchants.  The team provides security input to engineering teams throughout the product lifecycle. They work closely with engineers to proactively identify, assess, and resolve software vulnerabilities. They also create reference implementations for security patterns to be used across products in a reusable, consistent manner.  The team partners with the broader Security team to help accelerate software initiatives for merchants. 

What you will be doing

You will work closely with the engineering teams to explain detected software vulnerabilities and recommend remediation options.  You will help build security awareness through team connects, lunch and learns, and reviews.  You will work to promote controls to secure software throughout the lifecycle, from the developer’s sandbox through to production.  You will use your familiarity with secure code patterns to recommend implementations (e.g. authentication, encryption)

• Explain detected vulnerabilities in software and recommended remediation options.

• Build security awareness- highlighting active exploits and assessing urgency levels.

• Vulnerability scoring and analytics, managing risk acceptance thresholds)

• Provide software security design insight for propositions, product designs, and service enhancements throughout full lifecycle from initial idea to running in production.

• Align solutions with PCI, SOC, GDPR, CCPA, and cloud security best practices.

• Communicate security concerns and design options to business.

What you bring:

• Software security and software engineering experience

• Experience working with on-prem and cloud applications.

• Experience using DAST and SAST tools and services.

• Experience performing secure code reviews, false-positive/non-exploitable verification.

• Familiarity with Java and/or .NET

Added bonus if you have:

• Expertise in authentication and authorization protocols, cryptography, and application security.

• Experience in analysing threats of cloud and application components.

• Payment industry and PCI experience

• Experience with securing API’s, web app, API, and WAF protection.

• CISSP or other security certifications

What we offer you

• A modern, international work environment and a dedicated and motivated team

• The chance to work on some of the most challenging, relevant issues in financial services & technology.

• A fantastic range of benefits designed to help support your lifestyle and wellbeing.

• A work environment built on collaboration, flexibility and respect.

#LI-AB1

#LI-Hybrid

#LI-Worldpay

Privacy Statement

FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.

Sourcing Model

Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.

#pridepass