Security Engineer III

Overview

Shift4 (NYSE: FOUR) is boldly redefining commerce by simplifying complex payments ecosystems across the world. As the leader in commerce-enabling technology, Shift4 powers billions of transactions annually for hundreds of thousands of businesses in virtually every industry. For more information, visit www.shift4.com.

Reporting to the Director of Enterprise Security & Compliance, the Senior Security Engineer III will be responsible for developing and maintaining the security infrastructure of our organization, ensuring that it meets the highest standards of security and compliance. The role requires an individual who is comfortable working in a fast-paced environment, and who can manage multiple projects simultaneously. The Engineer is proficient in secure network architectures, encryption technologies and standards, application security, virtualization technologies and secure coding practices. They are familiar with identity and access management principles, networking routing techniques, social engineering, Advanced Persistent Threat (APT) and gateway anti-malware. Position may require long hours and collaboration within a team.

Responsibilities

• Design, implement and maintain security infrastructure and controls, including but not limited to, SIEM, IDS, IPS, firewalls, and other security technologies.
• Develop and implement security policies, procedures, and standards in accordance with industry best practices and compliance requirements.
• Conduct regular security assessments, vulnerability scans, and penetration tests to identify and address potential security threats and vulnerabilities.
• Respond to security incidents and breaches, and lead the investigation and resolution of security issues.
• Manage relationships with external security vendors and service providers.
• Collaborate with other departments to ensure security requirements are integrated into their systems and processes.
• Keep abreast of new security threats, vulnerabilities, and trends, and recommend security improvements accordingly.
• Act as a subject matter expert on security-related matters, providing guidance and advice to management and other stakeholders.

Qualifications

• Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
• At least 5 years of experience in the payments industry
• Experience with and working with SIEM, IDS, IPS, and firewalls.
• Experience with security assessment tools, vulnerability scanning tools, and penetration testing tools.
• Knowledge of security best practices and compliance requirements such as PCI-DSS, SOC 2, SOX, and GDPR.
• Strong analytical and problem-solving skills, with the ability to work independently and as part of a team.
• Excellent written and verbal communication skills.
• Ability to thrive in a fast-paced, dynamic environment.
• Relevant certifications such as CISSP, CISM, or CEH are a plus.
• 5 years security experience; preferably in securing new products and platforms; with at least six years in a significant leadership role