Cybersecurity Engineer - Vulnerability management

Bengaluru, India

Visa

Visa's digital and mobile payment network is at the forefront of new payment technologies for new, electronic and contactless payments that shape the world of money.

Company Description

Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid. 

Make an impact with a purpose-driven industry leader. Join us today and experience #LifeAtVisa

Job Description

This position supports the information security function by providing oversight, coordination, and delivery of systems supporting compliance and assurance activities as well as operational functions essential to maintaining our cybersecurity posture.  As a member of PPDCC you will focus on all finding types that carry a Required Resolution Date (RRD). 

 

In your first year, your focus will be vulnerability management: from maintenance of Qualys scans to interpretation and sequencing of findings, management of Application Technical Contacts (ATC), execution of patching and configuration changes, and compliance management, i.e., ensuring that findings are remediated or accepted prior to the initial RRD.

 

As you demonstrate mastery of the above, you will be expected to improve the efficiency of the system (i.e., the people, process, and technology) used to manage findings with RRDs.  This will include business and system architecture, process documentation and maintenance, and innovation (e.g., education of stakeholders, automation of process, product management, introduction of new technologies, etc.) designed to improve consistency at scale or to remove work from ATCs that can be done within the RRD Administration team.

 

This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office 2-3 set days a week (determined by leadership/site), with a general guidepost of being in the office 50% or more of the time based on business needs.

Qualifications

Basic Qualifications

  • 3+ years of relevant work experience and a Bachelor's degree, OR 5+ years of relevant work experience

Preferred Qualifications

  • 3 or more years of work experience with a Bachelor’s Degree or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD)
  • 3-6 years of end-to-end vulnerability management experience including provision of vulnerability scanners, agent provision and maintenance, interpretation of findings, ranking of findings outside of VVMS scores, option assessment, management of superseded patches, false positives, reassignment of findings, remediation actions (i.e., patching), confirmation (i.e., re-scanning to confirm remediation), and management of remediation to a standard. Qualys experience is preferred but not required.
  • Familiarity with MS Excel, PowerPoint, Word, and SharePoint
  • Ability to work independently, translate broad directives into detailed plans, solve problems independently, and collaborate and communicate to ensure alignment to the objectives and the progress of work to completion.
  • Excellent verbal and written communication skills
  • Familiarity with common controls frameworks including OWASP, SANS Top 20 Security Controls, and NIST 800-171
  • One year of experience in automation, tool development, or scripting with Python or JavaScript
  • Familiarity with assurance standards such as ISO 27001, PCI-DSS, SSAE 16, SOC, etc.
  • Security+, CySA+, or the equivalent certification from another credible institution

Additional Information

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.


Tags: Automation Compliance ISO 27001 JavaScript NIST OWASP Python Qualys SANS Scripting SharePoint SOC Vulnerability management

Region: Asia/Pacific
Country: India