Lead Cybersecurity Analyst

Bengaluru, India

Applications have closed

Visa

Das digitale und mobile Zahlungsnetzwerk von Visa steht an der Spitze der neuen Zahlungstechnologien für die neue Zahlung, elektronische und kontaktlose Zahlung, die die Welt des Geldes bilden

View company page

Company Description

Visa is a world leader in digital payments, facilitating more than 215 billion payments transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable and secure payments network, enabling individuals, businesses and economies to thrive.

When you join Visa, you join a culture of purpose and belonging – where your growth is priority, your identity is embraced, and the work you do matters. We believe that economies that include everyone everywhere, uplift everyone everywhere. Your work will have a direct impact on billions of people around the world – helping unlock financial access to enable the future of money movement.

Join Visa: A Network Working for Everyone.

Job Description

The Lead Cybersecurity Analyst will work as a senior member of Visa's Ethical Hacking (Penetration Testing/Pentest) program in the Cybersecurity organization. The objective of Visa's Pentest program is to proactively identify weaknesses and shortcomings in Visa's security posture and recommend necessary controls and procedures to protect Visa from adversarial threats. With this mission in mind, Visa's Pentest team experts are proactively involved in engagements that simulate adversarial threats and attacks in a timely manner.

The Lead Cybersecurity Analyst will be a key contributor for performing internal and external ethical hacks of Visa applications and systems. Pentest team members also help with design, development, and recommendation of security solutions to protect Visa proprietary/confidential data and systems. The candidate will also assist with compliance objectives, provide guidance and direction for the logical protection of information systems assets to other functional units, prepare reports regarding effectiveness of cybersecurity adherence, and make recommendations for the adoption of new policies and procedures for Visa services.

Responsibilities:

  • Conduct high risk and sensitive ethical hacks of internally and externally hosted applications globally according to scope defined by the Pentest team.
  • Provide subject matter expertise in application and infrastructure pentests with track record of end-to-end testing of complex systems.
  • Coordinate and execute system/network level pentests and ethical hacking exercises.
  • Proactively research and identify network and system vulnerabilities and provide recommended counter measures or mitigating controls to reduce risk to an acceptable and manageable level.
  • Review results of network and application pentests to determine severity of findings and to ensure proper remediation is applied.
  • Provide accurate and timely reporting of findings and proposed remediation and mitigations.
  • Provide technical support including but not limited to the following: (1) Audit support and remediation, (2) Process improvement, (3) Analysis and reporting, (4) Cross-division-function education, training, and awareness, (5) Function/methodology/strategy advancement.
  • Provide technical support to senior management in identifying and streamlining new/existing protocols and tools used by the Pentest team.
  • Develop and automate scripts, tools and resources needed to advance ethical hacking capabilities around new and emerging technologies like cloud, containers, blockchains, and embedded systems.
  • Actively involved in security research around new and emerging technologies.

This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office 2-3 set days a week (determined by leadership/site), with a general guidepost of being in the office 50% or more of the time based on business needs.

Qualifications

Basic Qualifications:
10+ years of relevant work experience and a Bachelors degree, OR 13+ years of relevant work experience

* Bachelor's degree (or equivalent) in Computer Science, Cybersecurity, or a related field
* At least 8-10 years of progressive experience with increasing responsibility in Information Technology, Cybersecurity, and Compliance that includes a combination of technical and project leadership responsibilities
* Extensive experience and expertise in performing application and infrastructure pentests
* Deep understanding and extensive experience in using CVSSv3.0/3.1
* Experience in writing proof-of-concept exploits
* Well versed in system exploits (e.g. buffer overflows, PTH attacks, windows authentication framework etc.), network exploitation (e.g. VLAN hopping), and web application vulnerability exploitation
* Well versed with security tools and frameworks such as Burp Suite Professional, Nmap, Nessus, Metasploit, Core, Canvas, AppScan, WebInspect, etc.
* Extensive understanding of cryptographic concepts and applied cryptography
* Proficiency in one or more scripting languages such as Perl, Python, JavaScript, Shell scripting, etc.
* Good interpersonal, facilitation, and demonstrated emerging leadership skills
* Able to operate at an advanced level of written and spoken communication, write and speak effectively with impact
* Good understanding of ethernet, switched LAN and WAN environment and detailed understanding of layer 3 and layer 4 specifications, including IP, TCP, TCP/IP routing protocols and management of ACLs
* Broad knowledge in various areas in Information Technology and Cybersecurity such as: logical/physical access control methods, connections alternatives using private, public, and wireless solutions, network/host intrusion detection engines, vulnerability management tools, patch management tools, penetration testing tools, antivirus/antimalware solutions

Additional Information

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Antivirus Burp Suite Cloud Compliance Computer Science Cryptography Ethical hacking Exploits Intrusion detection JavaScript Metasploit Nessus Nmap Pentesting Perl Python Scripting Strategy TCP/IP Vulnerabilities Vulnerability management Windows

Perks/benefits: Startup environment

Region: Asia/Pacific
Country: India
Job stats:  1  1  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.