Company Description|Job Description
Visa operates the world's largest retail electronic payments network & is one of the most recognized global financial services brands. Visa facilitates global commerce through the transfer of value & information among financial institutions, merchants, consumers, businesses & government entities. We offer a range of branded payment product platforms, which our financial institution clients use to develop & offer credit, charge, deferred debit, prepaid & cash access programs to cardholders. Visa's card platforms provide consumers, businesses, merchants & government entities with a secure, convenient & reliable way to pay & be paid in 170 countries & territories.
Doyou believe the best offense is a great defense? Do you enjoy creative out of the box thinking using your deep technical knowledge to harden applications & prevent potential attacks? If yes, & you are interested in partnering with 3rd party vendors & internal Cyber Security teams to insure Visa's corporate applications are protected then this role is for you! The ideal candidate will have a deep understanding of today's cyber security landscape & excellent engineering skills to manage vulnerability remediation, partner with vendors on penetration testing as well as conduct proactive security analysis and/or testing during software development lifecycle. We believe in leading by example, ownership with high standards & being curiously creative. Strong organization skills, attention to detail, & an ability to be a coach & mentor (to train other team members on security concepts) is key. Located in the Austin-based technology center & reporting to the Director of Development for Learning Technology this role will interact heavily with multiple teams including Cyber Security, Risk, Network, Operations & Infrastructure, End User Technology & business partners.
- Proactively manage the vulnerability dashboard & insure timely remediation of findings
- Manage the findings exception process for packaged & internally developed applications
- Contribute to the security update portion of the Monthly Business Review (MBR)
- Schedule & manage penetration tests with Information Security
- Manage finding remediation with developers & vendors
- Research/identify & implement resolutions for findings & vulnerabilities including understanding impact to applications (technical & functional)
- Submit & manage security assessments
- Apply security patches & system configuration application & perform validation testing post change
- Proactive testing of corporate applications (desktop & mobile) to identify issues early in the development/implementation process
- Facilitate technical discussions between vendors, Cyber Security & Risk
- Provide simplified explanation of findings to business partners & executive management including use cases for exploitation & risk
- Identify & document mitigating controls
- Lead SSO configuration/implementation & testing efforts with End User Technology & vendor partners
- Identify & implement opportunities for automation & engineering excellence
- 2 years of work experience with Bachelor's Degree in Computer Science or related discipline, or an Advanced Degree (MA, PhD, etc...)
- 3 or more years work experience or more than 2 years of work experience with an Advanced Degree (MA, PhD, etc...)
- Minimum of 2 years progressively responsible experience in software & hardware vulnerability management
- Strong understanding of OWASP standard & SANS 25
- Programming experience such as C, LISP, Perl or Java to recognize threats or weaknesses embedded with program code
- Exposure to technologies such as SQL, JEE, C++, XML, XSLT, SOA, ESB, SOAP, REST Web Services
- Experience with SaaS application access using single-sign-on (SSO) with Microsoft Azure
- Vulnerability management by Qualys Certification a plus
- Demonstrated ability to absorb, analyze, & understand new information, technologies & practices quickly
- Exceptional communication & customer facing skills, able to interact effectively with diverse groups of global stakeholders, both technical & business
- Strong follow-through, problem identification, analysis & problem-solving skills
- Self-motivated with the ability to exercise independent judgment with minimal direction from supervisor
- Coordinator of project & program support functions
- A planner of many things: meetings, events, tasks
- Asker of great questions
- Builder of partnerships & alliances
- Contributor toprocess improvements
- The incumbent must make themselves available during core business hours including routine evening global meetings
- This position does not require the incumbent to travel for work.
- This position will be performed in an office setting. The position will require the incumbent to sit & stand at a desk, communicate in person & by telephone, frequently operate standard office equipment, such as telephones & computers, reach with hands & arms, & bend or lift up to 25 pounds.
Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines & applicable local law.