Director - Cyber Legal

Company Description

Visa is a world leader in digital payments, facilitating more than 215 billion payments transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable and secure payments network, enabling individuals, businesses and economies to thrive.

When you join Visa, you join a culture of purpose and belonging – where your growth is priority, your identity is embraced, and the work you do matters. We believe that economies that include everyone everywhere, uplift everyone everywhere. Your work will have a direct impact on billions of people around the world – helping unlock financial access to enable the future of money movement.

Join Visa: A Network Working for Everyone.

Job Description

About the Global Privacy Office

Visa’s growing Global Privacy Office within Visa’s Legal Department is Visa's central touchpoint for global data strategy, privacy compliance, information governance, and legal aspects of data protection and information security

Position Summary:

Reporting to the Head of North America Privacy Legal, you will have opportunities to be involved in all aspects of the company's global privacy and data protection program and strategy. Depending on the candidate's skills and interests and business needs, they will:

• Analyze new and current laws and regulations and advise the business on data protection and cybersecurity obligations.
• Work closely with cross-functional teams, including senior management, and collaborate with privacy counsel to provide information security and cybersecurity strategy and guidance to support operations and new initiatives
• Advise Cybersecurity on appropriate information security and cybersecurity controls to comply with global regulatory requirements and best practices and translate legal requirements into technical design requirements
• Draft, negotiate and advise the business on the information security and cybersecurity aspects of contracts and advise TLMP team on vendor risk management program
• Advise Incident Response/VSIRT team in connection with potential incidents, including response, remediation and legal risks and requirements
• Advise Governance Risk and Compliance teams in connection with security audits and compliance matters
• Guide the continued improvement of Visa’s global cybersecurity program, including Key Controls.
• Coordinate with outside counsel as necessary with respect to data protection, information security and cybersecurity matters

This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office two days a week, Tuesdays and Wednesdays with a general guidepost of being in the office 50% of the time based on business needs.

Qualifications

Basic Qualifications:
• 10 or more years of work experience with a Bachelor’s Degree or at least 8 years of work experience with an Advanced Degree (e.g. Masters/ MBA/JD/MD) or at least 3 years of work experience with a PhD

Preferred Qualifications:
• 12 or more years of work experience with a Bachelor’s Degree or 8-10 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 6+ years of work experience with a PhD
• Admission to practice law in at least one U.S. jurisdiction.
• 5+years information security and cybersecurity experience
• In-house, government or large firm private practices experience
• Extensive understanding and experience in evolving global cybersecurity programs and appropriately tailoring strategies and policies to fit business needs and risks
• Experience leading data breach and incident response investigations
• Experience in developing working on policy issues related to information security and cybersecurity, investigations, threat sharing as it intersects with privacy and cybersecurity
• Cybersecurity technology knowledge, including ability to optimally connect with cybersecurity professionals and ability to translate technical issues to legal risk in a clear and concise manner
• Substantial experience with cybersecurity standards, frameworks, risk assessments and certification processes, such as, NIST, ISO and other compliance frameworks
• Ability to build and maintain strong collaborative relationships with business partners

U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 184,600 to 254,000 USD, which may include potential sales incentive payments (if applicable).  Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical, Dental, Vision, 401 (k), FSA/HSA, Life Insurance, Paid Time Off, and Wellness Program.  

Additional Information

Visa has adopted a COVID-19 vaccination policy to safeguard the health and well-being of our employees and visitors. As a condition of employment, all employees based in the U.S. are required to be fully vaccinated for COVID-19, unless a reasonable accommodation is approved or as otherwise required by law.

Work Hours: Varies upon the needs of the department.

Travel Requirements: This position requires travel 5-10% of the time.

Mental/Physical Requirements: This position will be performed in an office setting.  The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers.

Visa is an EEO Employer.  Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.  Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law, including the requirements of Article 49 of the San Francisco Police Code.