Senior Information Security Engineering Analyst

Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid and merchant services. Our worldwide team helps over 3 million companies, more than 1,300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results. We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions. Join our dynamic team and make your mark on the payments technology landscape of tomorrow.
Summary of This Role
Develops, configures, documents, and maintains Information Security solutions. Installs and configures web proxies, SIEMs, web application firewalls, intrusion detection systems, endpoint monitoring software, and vulnerability scanning systems. Monitors and responds to alerts. Ensures that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized. Evaluates web application security controls and performs validation testing as needed. Evaluates Information Security configurations when intrusions have occurred and monitors the effectiveness of implemented changes. Ensures that IS security architecture/designs, plans, controls, processes, and procedures are aligned with IS standards.
What Part Will You Play?

• Responsible for the design and configuration of security systems, including proxy, remote access, intrusion prevention, data leak prevention, security information and event management, endpoint monitoring software, vulnerability scanning systems, and web application firewalls.
• Delivers secure solutions and/or secure remediation solutions for highly complex projects to the enterprise with intermediate technical applications included.
• Proactively monitors complex systems for potential gaps and responds to known and emerging threats against the Global Payments network.
• Provides input in assessing and disseminating threats related to the enterprise in regard to current vulnerabilities by managing and developing an emerging threat model.
• Provides expert advice and leads discussions on new security technologies and trends while also being able to validate corporate conformance to industry standards utilizing set analysis criteria.
• Completes detailed, comprehensive investigation of security issues by reviewing security log data, interpreting data in support of security event management process from various data feeds and triages on a wide variety of security events. Including working into an oncall rotation.
• Performs incident handling process by maintaining knowledge in implementation of containment, protection and remediation activities.
• Participates in execution and development of strategies for conducting system penetration, vulnerability and web application testing, risk assessments, policy creation.

What Are We Looking For in This Role?
Minimum Qualifications

• Bachelor's Degree
• Relevant Experience or Degree in: Information Security or Computer Science preferred. Other majors will be considered.
• Typically Minimum of 4 Years Relevant Exp
• Relevant professional certification such as - CISSP, CEH, CISA, CISM, eWPTX, OSWE, PCI-QSA, PA-QSA, PCIP, CRISC, CGEIT

Preferred Qualifications

• Cloud security experience is desirable
• Scripting knowledge such as Python and PowerShell is desirable
• Typically Minimum of 6 Years Relevant Exp

What Are Our Desired Skills and Capabilities?

• Skills / Knowledge - A seasoned, experienced professional with a full understanding of area of specialization; resolves a wide range of issues in creative ways.
• Job Complexity - Works on problems of diverse scope where analysis of data requires evaluation of identifiable factors. Demonstrates good judgment in selecting methods and techniques for obtaining solutions. Networks with senior internal and external personnel in own area of expertise.
• Supervision - Normally receives little instruction on day-to-day work, general instructions on new assignments.
• Network Engineering - Maintains an understanding of TCP/IP network connectivity, subnet segmentation, security zones, secure ports/protocols, network authentication/authorization, security tools and their applicability (WAF, IPS, Sandbox, etc.).
• Risk Assessment - Ability to identify, communicate, and mitigate risk within technical solution designs
• Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them.
• Incident Response - Knowledge and skills to contribute to all phases of Incident Response.
• Technical industry acumen - Knowledge of Industry regulatory audit requirements and solutions and authentication, authorization, and encryption solutions

Global Payments Inc. is an equal opportunity employer.
Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. Those applicants requiring reasonable accommodation to the application and/or interview process should notify a representative of the Human Resources Department.