Cybersecurity Engineer

Company Description

Visa is a world leader in digital payments, facilitating more than 215 billion payments transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable and secure payments network, enabling individuals, businesses and economies to thrive.

When you join Visa, you join a culture of purpose and belonging – where your growth is priority, your identity is embraced, and the work you do matters. We believe that economies that include everyone everywhere, uplift everyone everywhere. Your work will have a direct impact on billions of people around the world – helping unlock financial access to enable the future of money movement.

Join Visa: A Network Working for Everyone.

Job Description

Visa’s Technology Organization is a community of problem solvers and innovators reshaping the future of commerce.   We operate the world’s most sophisticated processing networks capable of handling more than 65k secure transactions a second across 80M merchants, 15k Financial Institutions, and billions of everyday people.   While working with us you’ll get to work on complex distributed systems and solve massive scale problems centered on new payment flows, business and data solutions, cyber security, and B2C platforms.

The Opportunity:

As a Cybersecurity Engineer, you will be part of Visa’s Cybersecurity team working to ensure that incidents related to application security are managed effectively and with a minimal impact to our users, business, and brand. You will analyze application attacks and vulnerabilities, research mitigation strategies, validate remediations and coordinate activities across Cybersecurity, Software Development and Engineering teams to ensure proper resolution. In addition, you will work on proactively identifying trends and investigating emerging security threats.

In this role, you are a passionate and talented Cybersecurity engineer who thrives in a dynamic environment and has understanding of OWASP vulnerabilities, application pen testing, proactive threat hunting, impact assessment, and security monitoring and defense.

Essential Functions:

• Provide subject matter expertise for application security risks and attacks
• Analyze log data to investigate incidents and threats
• Conduct vulnerability analysis of Visa-developed applications. Review source code (Java, C#), configuration files and open-source components
• Reproduce or create proof-of-concept to exploit a particular vulnerability
• Assist with incident remediation and identifying similar issues in the Visa ecosystem
• Conduct postmortem analysis to reduce gaps, improve processes, and ensure proper tuning of security tools
• Document and operationalize actionable items, develop solutions and procedures to improve security posture and threat detection.

This is a remote position. A remote position does not require job duties be performed within proximity of a Visa office location. Remote positions may be required to be present at a Visa office with scheduled notice.

Qualifications

Preferred Qualifications:
· 6 or more years of work experience with a Bachelors Degree or 4 or more years of relevant experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or up to 3 years of relevant experience with a PhD
· Preferred experience in Application Security, SOC involving web applications, Application Pen Testing, or Threat Hunting
· Relevant security-related certifications are a plus
· Must have a deep understanding of OWASP Top 10 and CWE 25
· Deep understanding of web applications, API, web servers, layer 7 application technologies, WAF
· Understanding of incident response, threat hunting, and OSINT
· Experience with SIEM logging solutions (Splunk)
· Experience with application security tools including SAST, DAST (Burp Suite), SCA
· Knowledge of application risk assessment and risk categorization
· Understanding of vulnerabilities that affect infrastructure and networks
· Ability to effectively present and communicate security threats and risks to any audience
· Solid problem solving and analytical skills, able to quickly digest any issue/problem encountered and recommend an appropriate solution
· Self-motivated, able to work independently, able to negotiate and bring consensus to diverse priorities of product development and solution teams

Additional Information

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.