Senior Consultant Cyber Crime

Company Description

Visa is a world leader in digital payments, facilitating more than 215 billion payments transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable and secure payments network, enabling individuals, businesses and economies to thrive.

When you join Visa, you join a culture of purpose and belonging – where your growth is priority, your identity is embraced, and the work you do matters. We believe that economies that include everyone everywhere, uplift everyone everywhere. Your work will have a direct impact on billions of people around the world – helping unlock financial access to enable the future of money movement.

Join Visa: A Network Working for Everyone.

Job Description

This high impact, high visibility position is part of Payment Systems Intelligence - a key component of Global Risk's Payment Fraud Disruption (PFD) initiative. PFD's team of technology experts are vital to Visa's efforts to identify, investigate, disrupt and prevent attacks targeting the global payment ecosystem. This Sr. Consultant role will specifically lead the development and scaling of strategies for key Payment Systems Intelligence capabilities, specifically eCommerce Threat Disruption.  This includes developing a program’s go-to-market strategy, engaging clients globally on this program, and developing future growth strategy for the program. In addition, as a key lead within the PSI team, the Sr. Consultant will identify new and novel methods that fraudsters are using to target Visa clients and the ecosystem, and develop innovative approaches to disrupt emerging fraud and security vulnerabilities affecting Visa clients and the payments ecosystem.

A primary focus for this role is the Visa eCommerce Threat Disruption. This capability is one of the highlighted Differentiators in Visa’s Risk offering.  This unique, new capability has global reach to processors, merchants and acquirers and is an industry first.  eTD is a key part of Visa’s ongoing efforts to stay ahead of organized crime groups and has already received high accolades from Visa clients.  Building and leading this important offering requires advanced knowledge of payments systems, fraud techniques and malware, as well as the ability to identify and disrupt evolving attack trends.  In addition, eTD requires regular interaction with executive members of Visa’s most valued client base to discuss and advise on their most sensitive security issues. This role requires a recognized expert with a capacity to solve unique and complex problems that have a broad impact on the business, coordinate closely with client executives, and the ability to present technical, transaction-level findings to clients and executive leadership.

Primary Responsibilities: eCommerce Threat Disruption

• Coordinate closely with Sr. Director PSI team lead and other colleagues to carry out eTD client engagements, to include full coordination and prioritization of eTD with Visa Regional teams and Risk Managers
• Execute eTD, ensuring that day-to-day operations operate properly and delivery expected client results
• Manage the eTD medium sized project and associated processes, providing guidance to other employees in job area, using extensive technical principles
• Ability to work independently, under limited supervision, on problems that are undefined and significantly complex
• Ability to conduct threat research to identify emerging fraud trends and reproduce results in a simulated production environment
• Collaborate with internal and external stakeholders on various fraud issues and produce fraud mitigation strategies to include vulnerability assessments.
• Contribute to the development of functional strategy and regularly identify and recommend service improvements
• Contribute and participate in all stages of advanced fraud and cybercrime simulation, understanding and researching fraud attacks on the payments ecosystem from multiple phases, including planning, recon, exploitation, post-exploitation, clean up and remediation
• Independent research of threats targeting ecommerce merchants
• Technical analysis of malware targeting the ecommerce ecosystem
• Creation of malware signatures (regular expressions and Yara rules) for identified eCommerce threats.
• Work with technology to maintain and improve the malware detection capability of Visa eCommerce Threat Disruption
• Brief stakeholders on new trends, techniques, and threats in a business context

Go-To-Market Responsibilities:

• Manage the go-to-market strategy and technology development for eTD to identify and deter threat actors responsible for complex payment system fraud campaigns
• Serve a lead coordinator with Visa Risk Product, Consulting and other internal stakeholders to develop client-focused strategies for PSI capabilities, including eCommerce Threat Disruption
• Deliver best in class eTD capability in support of acquirer, merchant processor engagements

Secondary Responsibilities: Payment Systems Intelligence

• Serve as team subject matter expert in all areas involving payment fraud analysis and investigation
• Identify the extraordinary in the ordinary, pinpoint and disrupt complex fraud schemes, and manage identification and reporting of fraud attacks
• Identify emerging cybercrime and fraud techniques in a fast-paced, highly technical environment
• Understand network and system vulnerabilities and provide recommended counter measures or mitigating controls to reduce payments risk to an acceptable and manageable level
• Identify new fraud and cybercrime threats to the payments ecosystem and communicate them to relevant stakeholders 
• Triage and analysis of forensic investigation reports, identification of technical correlations between the reports, and ability to develop digital infrastructure maps (domains, IPs, malware variants) of overlapping cybercrime operations. 
• Provide intelligence and technical analysis support to the Investigations team during official PCI forensic investigations.
• Analyze compromised payment card data from multiple reporting sources in order to identify compromised points of purchase (merchant breaches).
• Manage attacks by combining payment intelligence findings and fraud solutions to proactively identify and resolve high-profile attacks.
• Collaborate with other key programs and team members, including Intelligence Analysis, Attack Intelligence, etc.
• Support Senior Director, Payment Systems Intelligence, as necessary
• Review new tools and products developed for clients to identify vulnerabilities. Provide risk remediations and best practices to key stakeholders during product  design, development, implementation and post-implementations phases

This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office two days a week, Tuesdays and Wednesdays with a general guidepost of being in the office 50% of the time based on business needs.

Qualifications

Basic Qualifications:
• 8 or more years of relevant work experience with a Bachelor’s Degree or at least 5 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD
• Experience in payment card or information security industry, all-source cyber intelligence organizations, investigating payment card, cybercrime fraud.
• Expertise writing Regular Expressions
• Working knowledge of HTML, CSS, and JavaScript
• Expertise with programming/scripting languages, specifically
o JavaScript
o Python/PHP/ASP/etc.
• Understanding of the following technology:
o Apache/Nginx/IIS
o MySQL/PostgreSQL/MariaDB
o CDN
o WAF
o DNS
• Excellent written, oral and presentation skills and an ability to synthesize information and make clear, concise recommendations on course of action
• Strong understanding of networks, risk management, network security, digital forensics, and security operations
• Work independently with limited oversight from manager
• Ability to identify emerging cybercrime and fraud techniques in a fast-paced, highly technical environment. Understand network and system vulnerabilities and provide recommended counter measures or mitigating controls to reduce payments risk to an acceptable and manageable level.
• Conduct in-depth fraud analysis in support of investigations and present findings to clients or internal partners
• Adaptable and able to work well in a fast paced, team-oriented environment
• Prior experience with data analytics, visualization tools and concepts
• Proficiency with drafting detailed, technical reports
• Ability to respond after-hours, weekends and holidays to major fraud events
• Passion for fraud schemes and cybercrime investigations
• Good interpersonal, facilitation, and demonstrated emerging leadership skills
• Understanding of payments process and cybercrime and fraud techniques
• Able to operate at an advanced level of written and spoken communication, write and speak effectively with impact
• Capable of delivering presentations and comfortably interacting with all levels of Visa and client management
• Previous experience in developing and producing reports to executive management
• Ability to prepare reports on meaningful trends and fraud stats
• High level of self-motivation and initiative
• Expertise writing Regular Expressions
• Working knowledge of HTML, CSS, and JavaScript
• Security certification, such as CEH, GCIH, OSCP, Sec+, etc.
• Expertise with programming/scripting languages, specifically
o JavaScript
o Python/PHP/ASP/etc.
• Understanding of website technology stack, such as:
o Apache/Nginx/IIS
o MySQL/PostgreSQL/MariaDB
o CDN
o WAF
o DNS

Preferred Qualifications:
• 9 or more years of relevant work experience with a Bachelor’s Degree or 7 or more relevant years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 3 or more years of experience with a PhD
• Knowledge of transactions, systems processing transactions and overall transaction process.
• Concepts, terms, processes, policy and implementation of information security
• Intelligence databases and analytical tools or similar intelligence reporting systems
• Analysis of cyber threat intelligence and fraud intelligence.
• Moderate understanding of networks, risk management, network security, digital forensics, and security operations
• Background in web development

Additional Information

Work Hours: Varies upon the needs of the department.

Travel Requirements: This position requires travel 5-10% of the time.

Mental/Physical Requirements: This position will be performed in an office setting.  The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers.

Visa is an EEO Employer.  Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.  Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law, including the requirements of Article 49 of the San Francisco Police Code.

U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 128,100.00 to 166,500.00 USD, which may include potential sales incentive payments (if applicable). Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical, Dental, Vision, 401 (k), FSA/HSA, Life Insurance, Paid Time Off, and Wellness Program.