About NCR Atleos
nNCR Atleos, headquartered in Atlanta, is a leader in expanding financial access. Our dedicated 20,000 employees optimize the branch, improve operational efficiency and maximize self-service availability for financial institutions and retailers across the globe.
nPosition Summary & Key Areas of Responsibility
nIn this mission critical role as an Application Security Architect, you will will serve as the AppSec technical lead for global, enterprise-wide applications and services. You will be part of a dynamic global application security team, working directly with software architects and software engineers to establish, enable, and improve the security of the software solutions developed within the company.
nAs NCR pushes forward as a software-focused company, you'll work in a fast-paced environment, helping enable teams to work in a DevSecOps model in a world of containers, automated pipelines, and rapid deployments. And you'll be instrumental in securing applications and services in a cloud environment. NCR produces hardware and software for major companies in Retail, Hospitality, and Banking come help secure the state-of-the-art!
n
- nWork as the lead to design, implement and govern the overall security architecture of NCR products.
- nManage security considerations for the transition of SaaS on-prem applications to private cloud environments.
- nAligning the secure development lifecycle to industry standards, including Microsoft SDL, OWASP development guides, and Privacy/PII related topics (privacy-by-design).
- nIntegrate/enable security engineering automation (e.g. SAST, IAST) in the delivery pipeline.
- nPerform proof-of-concept and proof-of-technology testing for integrating new 3rd party security products into the development and deployment processes.
- nLead threat modeling, design reviews and code reviews as part of the development lifecycle.
- nParticipate in application pen testing and remediation efforts with engineering teams.
- nDesign and deploy state-of-art technology to meet the business needs and interface with business units regarding technical planning and application security topics.
- nLead the implementation of proposed solutions while interfacing with the Project Management Office (PMO) to ensure the coordination, communication and successful delivery of projects.
- nDevelop and maintain security procedures and guidelines for NCR products.
- nManage relationships and interactions with human resources, legal, customers, and internal audit departments.
nBasic Qualifications
- nBachelor's Degree in a technical discipline or equivalent work experience
- n7+ years background in software development.
- nFluency in Java and .Net
- nPipeline/CI/CD/automation experience
- nExperience with various cloud providers (GCP/Azure)
- nContainer experience (Docker, Kubernetes)
- nExperience with PCI, PA-DSS, and other audits (e.g. FFIEC, SOX)
- nExperience with privacy requirements of a global corporation (e.g. GDPR, CCPA)
- nSoft skills - effective communication (internal, customer, legal counsel), collaboration (internal, external) and effective written skills (white papers, vulnerability specifications etc.).
nPreferred Qualifications
- nSecurity certifications, e.g. CISSP, CSSLP, CEH
- nPrivacy training and certification, e.g. CIPT
- nExperience with retail, financial, and/or hospitality software, particularly the types of vulnerabilities and security testing associated with them.
- nActive participation in cybersecurity forums/conferences, e.g. DEFCON, Black Hat.
nOffers of employment are conditional upon passage of screening criteria applicable to the job.
nEEO Statement
nNCR Atleos is an equal-opportunity employer. It is NCR Atleos policy to hire, train, promote, and pay associates based on their job-related qualifications, ability, and performance, without regard to race, color, creed, religion, national origin, citizenship status, sex, sexual orientation, gender identity/expression, pregnancy, marital status, age, mental or physical disability, genetic information, medical condition, military or veteran status, or any other factor protected by law.
nStatement to Third Party Agencies
nTo ALL recruitment agencies: NCR Atleos only accepts resumes from agencies on the NCR Atleos preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Atleos employees, or any NCR Atleos facility. NCR Atleos is not responsible for any fees or charges associated with unsolicited resumes.
