About Visa:

Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind – making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the common purpose that unites the entire Visa team. As a global payments technology company, tech is at the heart of what we do. CyberSource, a Visa company, has been and continues to be a pioneer within the e-Commerce Payment Management world. Our VisaNet network is capable of handling over 65,000 transaction messages per second for people and businesses around the world, enabling them to use digital currency instead of cash and checks.

We are also global advocates for financial inclusion, working with partners around the world to help those who lack access to financial services join the global economy. Visa’s sponsorships, including the Olympics and FIFA™ World Cup, celebrate teamwork, diversity, and excellence throughout the world. If you have a passion to make a difference in the lives of people around the world, Visa offers an uncommon opportunity to build a strong, thriving career. Visa is fueled by our team of talented employees who continuously raise the bar on delivering the convenience and security of digital currency to people all over the world. Join our team and find out how Visa is everywhere you want to be.

“Visa will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of Article 49 of the San Francisco Police Code.”

Overview:

Information security is an integral part of Visa's corporate culture. It is essential to maintaining our position as an industry leader in electronic payments, which is why Visa has made it a priority to create top-tier security operations and incident response teams to defend the company against evolving cyber threats. If you would like to join a company where security is truly valued, where you can work with like-minded peers who are passionate about the art & science of cyber defense, and where you can use state of the art tools for maximum impact, then we have a home for you.

The successful candidate will lead a team of security operations analysts and incident responders at one of Visa's operations centers. The position manages a team that identifies cybersecurity threats to Visa, as well as advanced specialists who conduct incident response and investigations. The team is part of a larger organization located across multiple geographic sites that is responsible for the comprehensive cyber defense of Visa and its subsidiaries.

This position will be based in Ashburn, Virginia.

Responsibilities:

• Direct, guide, and oversee the activities of incident response and analytical staff who are charged with the analysis of threat identification information from an array of sensors and the rapid resolution of any identified threats.
• Instill and foster a culture of excellence, integrity, and professionalism; one that works toward the highest standards in security operations and while balancing the needs of the business.
• Understand Visa's holistic cybersecurity strategy. Provide leadership and direction to ensure the organization's priorities are given appropriate focus.
• Conduct reviews of threat analysis activities performed by staff members to identify important trends and opportunities for improvement.
• Recommend courses of action based on analysis of both existing and emerging threats. Deliver reports, briefings, and assessments to leadership to facilitate their understanding of emerging issues.
• Provide oversight to incident response activities (triage, root cause analysis, escalations, notifications, communication, etc.) and develop strategies to contain and eradicate the incident. Ensure operations are recovered seamlessly.
• Provide leadership and guidance to both technical teams and business leaders during large incident responses and major cases.
• Serve as a subject matter expert in the identification of cyber threat events and incident response.
• Incorporate intelligence provided by a partner team to conduct proactive and reactive operations to mitigate emerging threats to Visa
• Develop and improve KPIs, metrics, and trending to inform Visa leadership.
• Develop and refine processes, procedures, and techniques used by the team to continually improve operational excellence.
• Provide guidance and mentor technical staff on incident handling and serve as an escalation point for analysts and malware specialists.
• Respond to and assist with assessments and compliance requests
• Recruit, develop, and retain a talented group of security operations and incident response professionals for this vital function.
• Work with colleagues in other technology departments as well as the business and product offices to establish effective, productive business relationships.

• Bachelor's degree in computer science, electrical engineering, information systems, or a related technical discipline with 12 years of relevant professional experience directly related to information security, cyber, or computer network defense.
• Demonstrated experience in an enterprise-level incident response team or security operations center. Direct experience leading incident response analysts or advanced malware analysts required to effectively mentor staff.
• Possess a good understanding of several common security tools, such as a SIEM, logging and forensics tools.
• Proven ability to address advanced threats targeting large enterprises, such as APT, and be well versed the tools, tactics, and procedures used by such actors.
• Experience and ability to lead the Visa enterprise through a coordinated, multi-team, incident response as required.
• Demonstrated ability to establish well-defined procedures and appropriate mitigations strategies derived from post incident analysis and lessons learned.
• Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied (including executive) audiences
• Experience in leading a team with a proven ability in developing talent, including identifying and attracting talent and creating an organization that is viewed as a highly attractive place to work.
• Strong leadership, organization, and process management skills; ability to lead and manage high performing teams.
• Proven subject matter expertise in relevant areas, such as incident response, intrusion analysis, incident handling, or malware analysis.
• Previous experience in effectively utilizing intel driven defense.
• Eligibility for and willingness to obtain a US Secret or higher clearance, if required.