Company Description|Job Description
Fascinated by the future & captivated by technology?
Smart, driven & want to make a difference in the world?
You'll fit right in.
Join a diverse team at Visa, where your individuality fits right in. We can provide the opportunity to shape the payments experience globally. Together, let's transform the way the world pays.
Think you know us?
Our mission is to connect the world through the most innovative, reliable & secure digital payment network that enables individuals, businesses & economies to thrive.
Individuality fuels our brand & our global team - we're proud that we are a talented team of 15,000 individuals with unique backgrounds, perspectives & experiences. Therefore, we understand that you are much more than your day job. We encourage quality of life outside of the office, whether it's taking advantage of agile work schedules or our wellness programs, Visa respects & encourages meaningful work/life balance for everyone. In addition, we offer market leading salary & have a fantastic benefits offering.
So, if you're not satisfied with the status quo, we can satisfy your desire to explore new territory, giving you the runway to really make an impact, whilst connecting you with teams around the world in a truly inclusive culture that celebrates our uniqueness.
If you think you could support Visa as a Lead Security Specialist, Red Team, we want to hear from you - together, let's make Visa a great place to work.
What's it all about?
Cybersecurity is at the beating heart of our business. Our diligence & expertise is what makes us undisputed leader in electronic payments. We've made it our priority to create exemplary security operations & incident response teams, poised to defend us against any potential cyber threats.
We're looking for those of you who are inherently driven & fascinated by the art & science of cyber defence. We'll equip you with the very best tools & tech so that you can deliver top notch results.
Continuous self-development underpins job fulfilment at Visa. If you have a burning desire for self-development, working with us will expose you to challenges & opportunities to hone your skills. We'll provide the right environment & a plethora of top notch professionals to learn with & from.
What we expect of you, day to day.
As a member of Visa's Red team, provide technical expertise required to carry out internal & external ethical hacking exercises. Coordinate with other departments & teams to evolve information security alignment with company goals & objectives. Contribute & participate in all stages of a Red team exercise including planning, recon, exploitation, post-exploitation, clean up & remediation. Champion security research activities & team work required to carry out successful Red team operations. Create & provide presentations to executive management highlighting outcomes of Red team exercise & recommendations & timelines for remediation.
- Conduct high risk & sensitive ethical hacks of internally & externally hosted applications globally according to scope defined by Red team.
- Co-ordinate & execute system/network level advanced red team & ethical hacking exercises
- Work special/off-hours (late nights, weekends etc.) as deemed necessary for the successful & covert execution of Red team exercises (emulating adversaries)
- Design & develop scripts, frameworks & tools required for facilitating & executing complex undetectable attacks
- Reviews results of network & application ethical hacks in order to determine severity of findings & to ensure proper remediation is applied.
- Performs penetration & remediation testing & reporting through the application of expert ethical hacking & penetration techniques in a fast-paced, highly technical environment. Identify network & system vulnerabilities & provide recommended counter measures or mitigating controls to reduce risk to an acceptable & manageable level.
- Provide accurate & timely reporting of findings & proposed remediation & mitigations.
- Coordinate Red team operational briefings & presentations to non-technical audience & executive management, as required
- Provide technical support to Business Leader/Chief Specialist in identifying & streamlining new/existing protocols & tools used by the Red team.
- Technical support could include, but not limited to the following: (1) Audit support & remediation, (2) Process Improvement, (3) Analysis & Reporting, (4) Cross Divisional Functional education, training & awareness, (5) Function/Methodology/Strategy advancement.
- Define & develop agenda for training & educating security professionals on advanced exploits, tools & frameworks
- Perform research of emerging technologies & design frameworks & capabilities required to perform Red team exercises of new technologies adopted by Visa
- Requires comprehensive knowledge & mastery in assigned areas applying skills & competencies in challenging & complex situations.
- Recognized expert in the company. Only a few positions require such extensive knowledge & skill.
- Complete mastery of at least one technology domain & solid working knowledge of at least one other. For example, web applications, system exploitation, network based attacks, Reverse engineering, Mobile security etc.
What we're after
- Expertise in performing advanced exploitation & post-exploitation attacks as part of ethical hacking exercises
- Prior experience or expertise performing Red team exercises will be a plus
- Experience in writing proof-of-concept exploits & creating custom payloads & modules for common ethical hacking frameworks & tools
- Well versed in system exploits (e.g. Buffer Overflows, PTH attacks, windows authentication framework etc.), network exploitation (e.g. VLAN hopping) or web application exploitation
- Well versed with security tools & frameworks like Cobalt Strike, Metasploit, Canvas etc.
- Extensive understanding of cryptographic concepts & applied cryptography
- Proficiency in one or more scripting language. E.g. Perl, Python, Shell Scripting etc.
- Prior experience with exploit development or writing system modules in C & C++, a major advantage. Knowledge of high level programming languages an added bonus
- Prior experience with reverse engineering, malware analysis & forensic tools will be an added advantage
- Good interpersonal, facilitation, & demonstrated emerging leadership skills
- Able to operate at an advanced level of written & spoken communication; write & speak effectively with impact
- Good understanding of Ethernet, switched LAN & WAN environment & detailed understanding of layer 3 & layer 4 specifications, including IP, TCP, TCP/IP routing protocols & management of ACLs.
- Knowledge of logical / physical access control methods, connections alternatives using private, public & wireless solutions, Network/Host Intrusion Detection Engines, Vulnerability Management Tools, Patch Management Tools, Penetration Testing Tools, Anti-Virus/Anti-Spyware solutions
- Conducts complex analytical functions by performing security assessments & ethical hacks of high risk sensitive applications
Think you have what it takes?
If you are interested in a career that will challenge & inspire you - we'd love to hear from you!
Diversity & Inclusion
Universal acceptance for everyone, everywhere, is not only our brand promise, it's the foundation of our company culture. We foster a feeling of connectedness in the workplace, support diversity of thought, culture & background, fight for important initiatives like Equal Pay & actively work to eliminate unconscious biases that hold us all back.
By leveraging the diverse backgrounds & perspectives of our worldwide teams, Visa is a better place to work & a better business partner to our clients.