Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind – making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the common purpose that unites the entire Visa team. As a global payments technology company, tech is at the heart of what we do: Our VisaNet network processes over 13,000 transactions per second for people and businesses around the world, enabling them to use digital currency instead of cash and checks. We are also global advocates for financial inclusion, working with partners around the world to help those who lack access to financial services join the global economy. Visa’s sponsorships, including the Olympics and FIFA™ World Cup, celebrate teamwork, diversity, and excellence throughout the world. If you have a passion to make a difference in the lives of people around the world, Visa offers an uncommon opportunity to build a strong, thriving career. Visa is fueled by our team of talented employees who continuously raise the bar on delivering the convenience and security of digital currency to people all over the world. Join our team and find out how Visa is everywhere you want to be.

Visa's Digital and Mobile Product Development (DMPD) team is building a new generation of products to facilitate commerce in everyone's digital and mobile lives. Our focus is to build intuitive features that expose profound new value for our customers, merchants and developers.

DMPD is looking for a Lead Security Automation Engineer focused on building and evolving security capabilities around digital and mobile products. Security is central to Visa and requires deep cross functional collaboration between architects, developers, and engineers. The Lead Security Automation Engineer will be part of the DMPD Security Automation Team focused on delivering innovative and secure implementations to the product line. Visa is looking for an innovative security champion who can solve complex security problems and develop a security automation framework.

You will provide technical leadership when it comes to digital and mobile security. You are expected to work closely with other architects, developers and operators to deliver a security solution using hands-on experience in rolling security solutions and services. You need to be a self-starter, a quick learner of new technologies and have experience in product security such as secure application design, static code analysis and web/mobile application vulnerabilities. You will be hands-on and a critical part of the engineering team for a high-performance product security automation framework development, evangelism, and maintenance.

  Responsibilities

• Lead DMPD's security operations and governance
• Participate in all stages of development from design through implementation
• Understand current security posture of product ecosystem and specifics for DMPD's solutions
• Evaluate cutting edge security technologies, drive towards adoption, create proof-of-concept and frameworks
• Partner with Visa Security teams and enable enterprise wide security capabilities for DMPD's services, solutions and ecosystems
• Collaborate with cross-functional leads to influence industry standards adoption
• Integrate security capabilities with other security pillars that include identity access management, data protection, network security and application security
• Advise leadership on Security issues, systems, processes, products, and services
• Work with cross-functional experts to set strategic direction for Application and Infrastructure Security

• BS or MS in Computer Science, Engineering or Information Systems Management with a Security concentration and 10 or 8 years respectively of industry experience
• Strong problem solving and analytical skills
• Ability to quickly digest any issue/problem encountered and recommend an appropriate solution
• Excellent verbal and written communication skills including the ability to author and present materials ranging from detailed technical specifications to high-level presentations
• Proven experience in developing and/or architecting complex web/mobile applications with backend services expertise such as API Gateway, Identity and Access Management Services, Data Deep knowledge of protection technologies, Security Information Event Management
• Previous experience with cyber security, HIDS/NIDS, Networking, WAFs, Edge/endpoint security, DNS security, Cryptography, layered security, defense in depth practices
• Well versed with J2EE ecosystem with hands on knowledge of core java, Spring, Cryptography, Hibernate, Kafka, Maven, etc.
• Hands on experience in using Penetration Testing or Dynamic Application Security Testing Tools (Burp suit, Vega, Wapiti, W3af, SQLMap or commercial products Acunetix/Netsparker/Metasploit) is a must
• Solid understanding OWASP top 10, SANS top 25 threats, expert in threat modeling, and tools used
• Knowledge of cryptographic systems running on mobile devices and mobilized services
• Technical experience with security technologies including, but not limited to, intrusion detection/prevention, event correlation, firewall, antivirus, anti-spam, policy enforcement, patch/configuration management, usage monitoring, audit, secure application development, etc.
• Experience of smartphone platforms (iOS, Android) and mobilized services
• Knowledge in payment services and systems is a plus
• Knowledge payment compliance and standards (PCI DSS, FFIEC, NIST Security Standards) is a plus
• Industry security certifications (i.e. CISSP, CISSP-ISAAP, CISA, CISM) is a plus

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of Article 49 of the San Francisco Police Code.

All your information will be kept confidential according to EEO guidelines.