Director - GRC Third Party Technology Risk
Austin, TX, United States
Company DescriptionVisa is a world leader in digital payments, facilitating more than 215 billion payments transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable and secure payments network, enabling individuals, businesses and economies to thrive. When you join Visa, you join a culture of purpose and belonging – where your growth is priority, your identity is embraced, and the work you do matters. We believe that economies that include everyone everywhere, uplift everyone everywhere. Your work will have a direct impact on billions of people around the world – helping unlock financial access to enable the future of money movement. Join Visa: A Network Working for Everyone.
Job DescriptionThis position will be part of Visa's Cybersecurity Third Party Technology Risk Management (“3PTRM”) team, providing oversight, coordination, and delivering the activities supporting successful risk management activities around third parties for VISA. The role will regularly lead and/or collaborate on initiatives with senior leaders across the organization. The ideal candidate will be process driven, an excellent communicator, and possess strong negotiation skills. The role also requires a strong working knowledge of the legal, regulatory, and industry compliance landscape relevant to Information Security, Banking, Payments, and Data Privacy, including PCI-DSS, FFIEC IT Examination Handbook, ISO 27000 series frameworks, Critical Security Controls (CSC), NIST 800-53, GLBA, and the EU General Data Privacy Regulation (GDPR). Key responsibilities: Manage a team of highly focused analysts of varying skill level and domain knowledge (from new associate to senior with 10+ years of experience). Work with each one to bring optimal results, while ensuring career growth and personal achievement. Lead risk/security assessments of suppliers and Third Parties to identify, validate, and remediate Cybersecurity Risks. Plan, coordinate, and lead onsite assessments of Third Parties against Visa’s security framework and industry security standards. Support ongoing monitoring of Suppliers and Third Party to review compliance against compliance and regulatory requirements. Identify, prioritize, and pursue opportunities to enhance Visa's 3PTRM processes and introduce innovative approaches and solutions to optimize efficiency and effectiveness. Contribute towards process improvement of team processes, templates, and tools. Develop trusted relationships with Business Partners, Visa IT Executives, Security & Compliance Officers, and other teams. Be up to date on the broader regulatory landscape affecting Visa business areas, remain current with emerging regulatory sentiments as well as solution trends in the marketplace. Possess an understand emerging technologies including but not limited to mobile and cloud technology. This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office two days a week, Tuesdays and Wednesdays with a general guidepost of being in the office 50% of the time based on business needs.
QualificationsBasic Qualifications: 10 or more years of work experience with a Bachelor’s Degree or at least 8 years of work experience with an Advanced Degree (e.g. Masters/ MBA/JD/MD) or at least 3 years of work experience with a PhD • Experience conducting third party assessment covering various Cybersecurity domains including, but not limited to, security architecture, access management, security incident management, secure software development, network security, and cryptography is a must. • Successful track record managing delivery of complex, multi-faceted initiatives, or projects. • Ability to quickly master new systems and/or processes, capacity to stay organized while managing competing priorities. • Excellent working knowledge of industry and regulatory standards and oversight regimes, such as PCI, ISO 27000 series, FFIEC examinations, NIST 800-53, GDPR, GLBA, etc. • Extraordinary written and communication skills, able to present to executive management, able to communicate complex security and technology concepts to non-technical staff, able to communicate complex legal and regulatory concepts to non-legal staff. Preferred Qualifications: 12 or more years of work experience with a Bachelor’s Degree or 8-10 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 6+ years of work experience with a PhD • Prior knowledge of Cybersecurity in the Payments industry is highly desirable. • Big Four Consulting experience (E&Y, PwC, Deloitte, or KPMG). • Certifications - CISSP, CISM, or similar preferred. U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 162,700 to 211,500 USD, which may include potential sales incentive payments (if applicable). Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical, Dental, Vision, 401 (k), FSA/HSA, Life Insurance, Paid Time Off, and Wellness Program.
Work Hours: Varies upon the needs of the department.
Travel Requirements: This position requires travel 5-10% of the time.
Mental/Physical Requirements: This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers.
Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law, including the requirements of Article 49 of the San Francisco Police Code.U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 162,700.00 to 211,500.00 USD, which may include potential sales incentive payments (if applicable). Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical, Dental, Vision, 401 (k), FSA/HSA, Life Insurance, Paid Time Off, and Wellness Program.
* Salary range is an estimate based on our salary survey 💰
Tags: Banking CISM CISSP Cloud Compliance Cryptography GDPR ISO 27000 Monitoring Network security NIST PhD Privacy Risk management Security assessment
Perks/benefits: Career development Equity Health care Insurance Salary bonus Wellness
More jobs like this
Remote, United States or … Remote, United States or Austin, TX HQ Full TimeExecutive Executive-levelUSD 73K - 136K * USD 73K+ *
VP of Security & Compliance (Remote)Agile Analytics Audits CISM CISSP Compliance Computer Science +8
Career development Competitive pay Flex hours Flex vacation Health care +6
Bellevue, WA, United States Bellevue, WA, United States Full TimeExecutive Executive-levelUSD 185K - 250K USD 185K+
Managing Director - Cybersecurity EngineeringAndroid Automation AWS Azure Blockchain C CCPA +39
Career development Cell phone stipend Equity Fitness / gym Flex hours +7
Explore more InfoSec/Cybersecurity career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.
- Open Information Security Specialist jobs
- Open Security Architect jobs
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Analyst jobs
- Open Senior SOC Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Security Operations Engineer jobs
- Open IT Security Engineer jobs
- Open Information System Security Officer (ISSO) jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Head of Information Security jobs
- Open IT Security Analyst jobs
- Open Cyber Hunt SME jobs
- Open Security Consultant jobs
- Open Senior Security Operations Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Application Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Manager Pentest H/F jobs
- Open Lead Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Senior Security Analyst jobs
- Open Senior Penetration Tester jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Risk assessment-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Kubernetes-related jobs
- Open DevOps-related jobs
- Open Vulnerability management-related jobs
- Open DevSecOps-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Java-related jobs
- Open CISM-related jobs
- Open APIs-related jobs
- Open Forensics-related jobs
- Open Analytics-related jobs
- Open CI/CD-related jobs
- Open Malware-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Terraform-related jobs
- Open IDS-related jobs
- Open OWASP-related jobs