Senior Security Automation Engineer

  • Full-time
  • Job Family Group: Technology and Operations

Company Description

Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind – making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the common purpose that unites the entire Visa team. As a global payments technology company, tech is at the heart of what we do: Our VisaNet network processes over 13,000 transactions per second for people and businesses around the world, enabling them to use digital currency instead of cash and checks. We are also global advocates for financial inclusion, working with partners around the world to help those who lack access to financial services join the global economy. Visa’s sponsorships, including the Olympics and FIFA™ World Cup, celebrate teamwork, diversity, and excellence throughout the world. If you have a passion to make a difference in the lives of people around the world, Visa offers an uncommon opportunity to build a strong, thriving career. Visa is fueled by our team of talented employees who continuously raise the bar on delivering the convenience and security of digital currency to people all over the world. Join our team and find out how Visa is everywhere you want to be.

Job Description

Visa's Digital and Mobile Product Development (DMPD) team is building a new generation of products to facilitate commerce in everyone's digital and mobile lives. Our focus is to build intuitive features that expose profound new value for our customers, merchants and developers.

DMPD is looking for a Security Automation Engineer focused on building security capabilities around digital and mobile products. Security is central to Visa and requires deep cross functional collaboration between architects, developers, and engineers. The Staff Security Automation Engineer will be part of the DMPD Security Automation Team focused on delivering innovative and secure implementations to the product line.

You are expected to work closely with other architects, developers and operators to deliver a security solution using hands-on experience in rolling security solutions and services. You need to be a self-starter, a quick learner of new technologies and have experience in product security such as secure application design, static code analysis and web/mobile application vulnerabilities. You will be hands-on and a critical part of the engineering team for a high-performance product security automation framework development, evangelism, and maintenance.

Responsibilities:

  • Automate DMPD's security operations and aid governance
  • Participate in all stages of development from design through implementation
  • Understand current security posture of product ecosystem and specifics for DMPD's solutions
  • Implement cutting edge security technologies, drive towards adoption, create proof-of-concept and frameworks
  • Partner with Visa Security teams and enable enterprise wide security capabilities for DMPD's services, solutions and ecosystems
  • Collaborate with cross-functional peers to influence industry standards adoption
  • Integrate security capabilities with other security pillars that include identity access management, data protection, network security and application security
  • Work with cross-functional experts to set strategic direction for Application and Infrastructure Security

Qualifications

  • BS or MS in Computer Science, Engineering or Information Systems Management with a Security concentration and 7 or 5 years respectively of industry experience
  • Strong problem solving and analytical skills
  • Ability to quickly digest any issue/problem encountered and recommend an appropriate solution
  • Excellent verbal and written communication skills including the ability to author and present materials ranging from detailed technical specifications to high-level presentations
  • Technical experience with security technologies including, but not limited to, intrusion detection/prevention, event correlation, firewall, antivirus, anti-spam, policy enforcement, patch/configuration management, usage monitoring, audit, secure application development, etc.
  • Hands on experience in using Penetration Testing or Dynamic Application Security Testing Tools (Burp suit, Vega, Wapiti, W3af, SQLMap or commercial products Acunetix/Netsparker/Metasploit) is a must
  • Experience in CI/CD, understanding od various CI/CD tools and frameworks like Jenkins, Maven, Hudson, Artifactory, Bamboo, Chef, Ansible
  • Experience in SSL/TLS, Keystores, RBAC, etc.
  • Experience in deployment processes and best practices
  • Well versed with J2EE ecosystem with hands on knowledge of core java, Spring, Cryptography, Hibernate, Kafka, Maven, etc.
  • Knowledge in payment services and systems is a plus
  • Knowledge payment compliance and standards (PCI DSS, FFIEC, NIST Security Standards) is a plus
  • Industry security certifications (i.e. CISSP, CISSP-ISAAP, CISA, CISM) is a plus

Additional Information

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of Article 49 of the San Francisco Police Code.

All your information will be kept confidential according to EEO guidelines.

Privacy Policy