Cybersecurity Engineer - Vulnerability management
Bengaluru, India
Visa
Das digitale und mobile Zahlungsnetzwerk von Visa steht an der Spitze der neuen Zahlungstechnologien für die neue Zahlung, elektronische und kontaktlose Zahlung, die die Welt des Geldes bildenCompany Description
Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid.
Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.
Job Description
This position supports the information security function by providing oversight, coordination, and delivery of systems supporting compliance and assurance activities as well as operational functions essential to maintaining our cybersecurity posture. As a member of PPC Cybersecurity & Compliance, you will focus on all finding types that carry a Required Resolution Date (RRD).
In your first year, your focus will be vulnerability management from maintenance of Qualys scans to interpretation and sequencing of findings, management of Application Technical Contacts (ATCs), execution of patching and configuration changes, and compliance management – i.e., ensuring that findings are remediated or accepted prior to the initial RRD.
As you demonstrate mastery of the above, you will be expected to improve the efficiency of the system (i.e., the people, process, and technology) used to manage findings within RRDs. This will include business and system architecture, process documentation and maintenance, and innovation designed to improve consistency at scale or to remove work from ATCs that can be done within the RRD Administration team.
This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office 2-3 set days a week (determined by leadership/site), with a general guidepost of being in the office 50% or more of the time based on business needs.
Qualifications
Basic Qualifications
- 3+ years of relevant work experience and a Bachelors degree, OR 5+ years of relevant work experience
Preferred Qualifications
- 3 or more years of work experience with a Bachelor’s Degree or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD)
- 3-6 years of end-to-end vulnerability management experience including provision of vulnerability scanners, agent provision and maintenance, interpretation of findings, ranking of findings outside of VVMS scores, option assessment, management of superseded patches, false positives, reassignment of findings, remediation actions (i.e., patching), confirmation (i.e., re-scanning to confirm remediation), and management of remediation to a standard. Qualys experience is preferred, but, not required.
- Familiarity with MS Excel, PowerPoint, Word, and SharePoint
- Ability to work independently, translate broad directives to detailed plans, independently problem solve, and to collaborate and communicate to ensure alignment to the objectives and the progress of work to completion.
- Excellent verbal and written communication skills
- Familiarity with common controls frameworks including OWASP, SANS Top 20 Security Controls, and NIST 800-171
- One year of experience in automation, tool development, or scripting with Python or JavaScript
- Familiarity with assurance standards such as ISO 27001, PCI-DSS, SSAE 16, SOC, etc.
- Security+, CySA+, or the equivalent certification from another credible institution
Additional Information
Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation Compliance ISO 27001 JavaScript NIST OWASP Python Qualys SANS Scripting SharePoint SOC Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs