Director – Cybersecurity, Payment Security Standards
Ashburn, VA, United States
Visa: Visa's digital and mobile payment network is at the forefront of new payment technologies for new, electronic and contactless payments that shape the world of money.
Visa is a world leader in digital payments, facilitating more than 215 billion payments transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable and secure payments network, enabling individuals, businesses and economies to thrive.
When you join Visa, you join a culture of purpose and belonging – where your growth is priority, your identity is embraced, and the work you do matters. We believe that economies that include everyone everywhere, uplift everyone everywhere. Your work will have a direct impact on billions of people around the world – helping unlock financial access to enable the future of money movement.
Join Visa: A Network Working for Everyone.
Are you passionate about security and about being at the forefront of driving responsible innovation in the payments ecosystem? We are seeking talent with deep curiosity and a passion for problem solving in a fast-moving industry. The Director, Ecosystem Risk Advisory, Payment Security Standards delivers best-in-class payment security risk insights to drive improved industry standards and support responsible innovation. The successful candidate will represent Visa at industry standards forums such as PCI, ANSI and ISO to develop security standards for the payment industry, bringing technical expertise to key internal and external stakeholders.
As a Founding Member of Payment Card Industry (PCI), Visa maintains and evolves the payment industry standards, which have been expanded to include PIN Transaction Security (PTS) POI and HSM requirements, P2PE Standard, the PCI Secure Software Framework (SSF) standards and the PCI Mobile Payments on COTS (MPoC) standard.
We are seeking a highly motivated individual who is fluent in Payment Security Standards, is highly analytical, an exceptional communicator and an excellent problem solver.
- Working with internal and external stakeholders to provide insights into security standards and to assess requirements and standards for new and evolving areas of innovation as they arise.
- Conducting cross functional workshops with various internal stakeholders to ensure Visa’s collective voice on security standards is captured, consolidated, documented, and fed back into Standards bodies.
- Provide ecosystem risk guidance and direction into the development of new products, solutions, services and business initiatives across Visa’s product and payment verticals.
- Develop into a subject matter expert within the Payment Card Industry (PCI) with ability to provide expert guidance to Visa teams regarding applicable PCI Council standards.
- Develop materials, best practices, standards, policies and procedures for issues related to emerging technologies affecting the payment ecosystem as necessary to support global clients in the adoption and implementation of Visa products.
- Develop industry and companywide initiatives in support of meeting PCI requirements and industry mandates. Manage a portfolio of standards working groups and leverage Visa’s deep domain experts within risk, technology, product to uplift standards as the industry evolves.
- Identify and assess emerging data security risks and trends and provide recommendations for policy and procedure changes to Visa’s data security compliance programs as necessary.
- Maintain proficiency with current security best practices for the payments industry and serve as a trusted partner to implications and solutions to Visa teams.
- Conducting training and awareness on new product innovations, new technologies and standards in the payment industry.
This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office 2-3 set days a week (determined by leadership/site), with a general guidepost of being in the office 50% or more of the time based on business needs.
- 10+ years of relevant work experience with a Bachelor’s Degree or at least 7 years of work experience with an Advanced degree (e.g. Masters, MBA, JD, MD) or 4 years of work experience with a PhD, OR 13+ years of relevant work experience.
- 12 or more years of work experience with a Bachelor’s Degree or 8-10 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 6+ years of work experience with a PhD
- 12 or more years of experience in information security, risk management, data security compliance, payments and/or acquirer/issuer fraud reduction programs, or 8+ years’ experience with an Advanced Degree.
- Familiarity with the PCI ecosystem, PCI Security Standards Council (PCI SSC), PCI SSC standards and Payment Brands and Schemes compliance programs.
- Direct experience in executing data security programs or security consulting.
- Demonstrated aptitude to think creatively to identify new ways to approach common risk and data security problems.
- Excellent communication skills, both verbal and written. Capable of clearly articulating a technical position on a topic, canvassing support from technical peers on the merits of the position and communicating outcomes to a wide array of stakeholders (both technical and non-technical).
- High level of self-motivation and initiative. Able to operate effectively as a team player.
- Excellent time management skills with ability to pursue multiple initiatives simultaneously and deliver results.
- Working knowledge of cryptography and key management standards applicable to the payment industry (e.g., NIST SP 800-57, ISO/IEC 11770).
- Experience with secure cryptographic devices such as HSMs evaluated to the PCI PTS HSM, FIPS 140-3, or ISO/IEC 19790 standard, and with point-of-interaction (POI) hardware devices that have been evaluated to the PCI PTS POI standard.
- Knowledge of cloud technologies and security standards (e.g., ISO/IEC 27018).
- Knowledge of software security and secure software lifecycle standards (e.g., PCI Secure Software Framework, ISO/IEC 12207 and NIST Secure Software Development Framework) and software maturity models (e.g., BSIMM and Open SAMM).
- Understanding of mobile solutions architecture, distribution, and applicable standards (e.g., PCI Software-Based PIN Entry on COTS, PCI Mobile Payments on COTS).
- Professional certifications (e.g., CISSP, PCI QSA, PCI ISO, PCI PCIP, GIAC (various), CISM, CCSP, CISA, CRISC, AWS Security, AWS Advanced Networking Specialty, AWS Solutions Architect) or equivalent.
Work Hours: Varies upon the needs of the department.
Travel Requirements: This position requires travel 5-10% of the time.
Mental/Physical Requirements: This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers.
Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law, including the requirements of Article 49 of the San Francisco Police Code.
U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 139,800.00 to 181,800.00 USD, which may include potential sales incentive payments (if applicable). Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical, Dental, Vision, 401(k), FSA/HSA, Life Insurance, Paid Time Off, and Wellness Program.