InComm Payments
Information Security Engineer III
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About InComm Payments
InComm Payments is a global payment technology company based in Atlanta, Georgia, founded in 1992. The company specializes in prepaid products, cash digitization, card solutions, and innovative payment services across various sectors, including retail, healthcare, and financial services. With over 400 patents and a workforce of approximately 2,400 employees in 35 countries, InComm Payments has established a vast distribution network of more than 525,000 retail and online points in over 40 countries. The company offers a wide range of prepaid and payment solutions, including gift cards, debit cards, bill pay services, and omnichannel commerce tools. InComm Payments is recognized for its patented point-of-sale activation technology, which has been pivotal in the prepaid industry. The company has received numerous awards from major retailers, highlighting its strong partnerships and leadership in payment innovation.
Security at InComm Payments
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- InComm Payments' AppSec philosophy emphasizes centralizing security tooling, security automation, and protecting sensitive data.
- They aim to unify diverse tools into a single pane of glass, invest in automation to reduce response time, and protect sensitive data.
- The company's approach supports developer enablement, allowing engineers to create integrations and automations, and integrates security into the SDLC by working closely with development teams. Their risk philosophy focuses on protecting sensitive data (PHI, PI, company secrets) and automating data protection workflows.
- Stated pain points include disjointed, siloed tools and limited visibility in the SOC, with goals to centralize case management, improve metrics visibility (MTTD/MTTR), and achieve faster remediation.
Security Team
- Jonathan Kennedy serves as the Chief Information Security Officer (CISO) for InComm Payments.
- The company's security team includes individuals like Joseph Hays, who has experience with security monitoring, endpoint detection, and analytic tools such as Azure, Recorded Future, and CrowdStrike.
- Ravi T lists skills in SAST, DAST, API Security, WAF, DevSecOps, and Cloud Security, while Jordan Mechwart is a cybersecurity professional with a strong background in application security.
- AppSec responsibilities, as indicated by job postings, include integrating security practices into the software development lifecycle, implementing Static Application Security Testing (SAST) tools, and participating in security reviews.
Key Initiatives
Information regarding a public Security Champions program at InComm Payments is not publicly available. Similarly, the formal AppSec organizational structure with its reporting lines is not publicly available. As of, no active AppSec job postings were found in the scraped sources. Explicit, published vulnerability remediation SLAs or detailed MTTR/triage ticketing workflows beyond general SOC metrics from a vendor case study are not publicly available. While job postings mention SAST and SDLC integration, explicit references to formal 'shift-left' tooling (e.g., IDE plugins, pre-commit hooks) are not publicly available.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.