Calling all innovators - find your future at Fiserv.
We're Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants and consumers to one another millions of times a day - quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we're involved. If you want to make an impact on a global scale, come make a difference at Fiserv.
Job Title
Technology Risk and Control Lead
About your role:
You will serve as an embedded technology risk partner within Merchant Solutions, providing risk-based guidance across technology, cybersecurity, and control execution. You will work closely with business and IT leaders, the Information Security Office, Cyber Risk Manager, and Tech Audit to strengthen control effectiveness, support regulatory and audit objectives, and help protect systems, data, and client trust.
What you'll do:
- Develop and promote a security-first approach across the business unit by integrating technology and cybersecurity controls into planning, delivery, and operations.
- Maintain a detailed understanding of business processes, technologies, system architecture, data flows, third-party integrations, and customer touchpoints to inform risk prioritization and control design.
- Serve as a primary adviser to technology and business stakeholders on technology risk, cybersecurity risk, control effectiveness, and issue escalation.
- Partner with Legal, Compliance, Technology Risk, and Cybersecurity teams to implement and maintain policies, standards, and controls aligned to regulatory and audit requirements.
- Coordinate incident response, investigations, root cause analysis, corrective actions, and post-incident remediation with crisis management and security incident response partners.
- Identify control gaps and non-compliance issues through risk assessments, control reviews, and testing activities, then track remediation plans and report progress to stakeholders.
- Develop and maintain a technical risk roadmap in partnership with Technology Risk, Cybersecurity Engineering, and Operations, including oversight of service level agreements, resiliency processes, backup controls, and problem management.
- Responsibilities listed are not intended to be all-inclusive and may be modified as necessary.
Experience you'll need to have:
- 8+ years of experience in information security, technology risk, or IT controls, including use of frameworks such as National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), ISO 27001, and COBIT, and mapping controls to regulatory standards such as Federal Financial Institutions Examination Council (FFIEC), Gramm-Leach-Bliley Act (GLBA), and Payment Card Industry Data Security Standard (PCI DSS).
- 8+ years of experience with governance, risk, and compliance (GRC), risk assessment, control testing, issue remediation, and vulnerability management tools and processes.
- 8+ years of experience with identity and access management, privileged access management, and access governance practices using tools such as SailPoint, Ping Identity, or equivalent platforms.
- 8+ years of experience with IT service management and collaboration tools such as ServiceNow, Jira, Confluence, or equivalent platforms supporting service level agreements, change management, backup, and resiliency processes.
- 8+ years of experience presenting risk findings, remediation status, and control priorities to business, technology, audit, and executive stakeholders.
- Bachelor's degree or higher in information security, cybersecurity, information systems, computer science, business, or a related field, or equivalent combination of education, related experience and/or military experience.
Experience that would be great to have:
- Experience working in payments, financial technology, or large-scale merchants or acquiring environments.
- Experience coordinating with external auditors and regulators on technology and cybersecurity examinations.
- Familiarity with Lean Process Automation or Six Sigma principles applied to control remediation and process improvement.
- CISSP, CISM, CRISC, or equivalent information security or risk certification.
How you’ll work:
- This role is on-site Monday through Friday. Fiserv considers in-person collaboration to be an essential part of this role as in-person office experience helps you with your overall onboarding experience and leads to stronger productivity.
- This role requires the use of a computer and audio equipment.
Sponsorship:
You must currently possess valid and unrestricted U.S. work authorization to be considered for this role. Individuals with temporary visas including, but not limited to, F-1 (OPT, CPT, STEM), H-1B, H-2, or TN, or any candidate requiring sponsorship, now or in the future, will not be considered for this role.
#LI-IH1
Salary Range
$146,000.00 - $244,800.00
These pay ranges apply to employees in New Jersey and New York. Pay ranges for employees in other states may differ.
It is unlawful to discriminate against a prospective employee due to the individual's status as a veteran.
For incentive eligible associates, the successful candidate is eligible for an annual incentive opportunity which may be delivered as a mix of cash bonus and equity awards in the Company’s sole discretion.
Thank you for considering employment with Fiserv. Please:
- Apply using your legal name
- Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).
Our commitment to Equal Opportunity:
Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law.
If you have a disability and require a reasonable accommodation in completing a job application or otherwise participating in the overall hiring process, please contact AskHR.US@fiserv.com. Please note our AskHR representatives do not have visibility to your application status. Current associates who require a workplace accommodation should refer to Fiserv’s Disability Accommodation Policy for additional information.
Note to agencies:
Fiserv does not accept resume submissions from agencies outside of existing agreements. Please do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions.
Warning about fake job posts:
Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address.