Senior Information Security Analyst

  • Full-time
  • Job Family Group: Technology and Operations

Company Description

About Visa:

Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind – making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the common purpose that unites the entire Visa team. As a global payments technology company, tech is at the heart of what we do. CyberSource, a Visa company, has been and continues to be a pioneer within the e-Commerce Payment Management world. Our VisaNet network is capable of handling over 65,000 transaction messages per second for people and businesses around the world, enabling them to use digital currency instead of cash and checks.

We are also global advocates for financial inclusion, working with partners around the world to help those who lack access to financial services join the global economy. Visa’s sponsorships, including the Olympics and FIFA™ World Cup, celebrate teamwork, diversity, and excellence throughout the world. If you have a passion to make a difference in the lives of people around the world, Visa offers an uncommon opportunity to build a strong, thriving career. Visa is fueled by our team of talented employees who continuously raise the bar on delivering the convenience and security of digital currency to people all over the world. Join our team and find out how Visa is everywhere you want to be.

“Visa will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of Article 49 of the San Francisco Police Code.”

Job Description

The candidate will support multiple security deployments across Visa, including but not limited to SIEM, Web Application Firewalls (WAFs), Database Activity Monitoring (DAM) solutions and File Integrity Monitoring (FIM) solutions. Primary day-to-day job duties involve:

  • enrolling log sources, administration, content development and working with our SIEM customers/stakeholders across the globe
  • working on SIEM, WAF, DAM and FIM solutions
  • supporting Security Operations and Incident Response teams
  • working with different stakeholders within Information Security and external to Information Security

Responsibilities

  • Lead logging enrollments from multi-tier applications into the enterprise logging platforms
  • Develop specific content necessary to implement Security Use Cases and transform into correlation queries, templates, reports, rules, alerts, dashboards, and workflow
  • Develop advanced scripts for manipulation of multiple data repositories to support analyst requirements
  • Engineer, configure and deploy Enterprise SIEM/SEM solutions
  • Engineer, configure, deploy, and maintain DAM, FIM and WAF solutions
  • Develop automation for security tools management
  • Collaborate with key stakeholders within GIS and Cyber Security to develop specific use cases to address specific business needs

Qualifications

Must Have:

  • Excellent understanding and proven hands-on experience in SIEM concepts such as correlation, aggregation, normalization, and parsing
  • Experience with deploying and managing a large SIEM deployment
  • Excellent understanding of enterprise logging standards, with a focus on application logging
  • 3+ years of experience with Splunk, ArcSight and/or QRadar SIEM systems
  • Advanced knowledge of content creation concepts and best practices
  • Excellent understanding of regular expressions, development of custom/flex Parsers
  • Excellent Python and Unix Shell scripting skills
  • Solid understanding of events, related fields in log records and alerts reported by various data sources such as Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies.
  • 3+ years of network security and system security experience, supporting security event management tools (SIEMs)
  • Experience with database administration or programming on Oracle, MySQL, MSSQL, DB2
  • Experience with system administration on Windows Server and UNIX (Solaris/AIX), Linux
  • Experience in using scripting languages to automate tasks and manipulate data using UNIX shell
  • Experience with enterprise scale implementation of Imperva DAM
  • Experience with Imperva agents including tuning, health monitoring, and upgrades
  • Experience with Policies, Dictionaries, Signatures, ADC updates, and alerting mechanisms
  • Experience with Imperva appliances (Physical and VM) including MX-HA, SOM, and Clustering
  • Overall 5 years of information security experience
  • Excellent understanding of Cyber Security Operations, Incident Response processes
  • Excellent understanding of web application architectures and web services
  • Excellent communication skills
  • Ability to drive multiple efforts with minimum supervision

Infrastructure management and support experience

  • System administration experience in a Windows and Unix environment
  • Experience in using scripting languages to automate tasks and manipulate data. Programming experience is a plus
  • Experience working in a large enterprise environment
  • Experience integrating solutions in a multi-vendor environment.
  • Bachelor’s degree in engineering, computer science, information security, or information systems

Nice to Have:

  • Experience working with Big Data platforms/non-relational databases
  • Experience working with Hadoop
  • Experience in database security and administration (Oracle, MySQL/SQL, DB2)
  • Preferred certifications include: CISSP, SANS GCIA, CCMSE NGX, RHCE, ITIL, and vendor specific certifications
  • Experience with Imperva DAM for Z/DB2
  • Experience with Imperva WAF+DAM Universal User Tracking
  • Familiarity with QRadar, ArcSight, Imperva, Tripwire and Splunk
  • Familiarity with Atlassian JIRA
  • Familiarity with statistical analysis
  • Experience developing Data Analytics/Anomaly detection algorithms.

Additional Information

All your information will be kept confidential according to EEO guidelines.
