About Visa:

Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind – making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the common purpose that unites the entire Visa team. As a global payments technology company, tech is at the heart of what we do. CyberSource, a Visa company, has been and continues to be a pioneer within the e-Commerce Payment Management world. Our VisaNet network is capable of handling over 65,000 transaction messages per second for people and businesses around the world, enabling them to use digital currency instead of cash and checks.

We are also global advocates for financial inclusion, working with partners around the world to help those who lack access to financial services join the global economy. Visa’s sponsorships, including the Olympics and FIFA™ World Cup, celebrate teamwork, diversity, and excellence throughout the world. If you have a passion to make a difference in the lives of people around the world, Visa offers an uncommon opportunity to build a strong, thriving career. Visa is fueled by our team of talented employees who continuously raise the bar on delivering the convenience and security of digital currency to people all over the world. Join our team and find out how Visa is everywhere you want to be.

“Visa will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of Article 49 of the San Francisco Police Code.”

Information security is an integral part of Visa's corporate culture. It is essential to maintaining our position as an industry leader in electronic payments, which is why Visa has made it a priority to create top-tier security operations and incident response teams to defend the company against evolving cyber threats. If you would like to join a company where security is truly valued, where you can work with like-minded peers who are passionate about the art & science of cyber defense, and where you can use state of the art tools for maximum impact, then we have a home for you.

The successful candidate will join a team of information security analysts in a global security operations center. These analysts are the primary cyber defenders on the frontline protecting Visa networks and systems. The team is part of a larger cybersecurity organization which is located across multiple geographic sites that is responsible for the comprehensive cyber defense of Visa and its subsidiaries.

Responsibilities:

• Identify cybersecurity threats and perform analysis of reported anomalies on Visa networks and systems.

• Mitigate and contain identified threats using approved methodologies when detected. Initiate escalation procedures and incident response processes as defined in operational plans.

• Monitor information security alerts though the use of a Security Information and Event Manager (SIEM) to triage, mitigate, and escalate issues as needed while capturing essential details and artifacts.

• Utilize sensor data and correlated logs containing IDS/IPS, AV, Windows events, web proxy, and similar data to establish context and to rule-out false positives.

• Operationalize actionable intelligence reports from the Threat Intelligence team and external sources.

• Coordinate the initial workflow and response for varying case types with internal and external teams.

• Collaborate with operational support staff to ensure they are actively engaged in potential security threats and concerns.

• This position is staffed in shifts supporting a 24x7x365 global security operations center. Analysts work a series of 12-hour shifts (followed by days off) in the daytime and operations are transitioned to another operational site at night. Staff assigned to the operations center are considered critical and may need to cover holidays and weekends, if scheduled. There are opportunities for overtime while working extra shifts to ensure operational coverage when needed.

• Provide feedback to peer teams to enhance the sensor set and improve signature fidelity.

• Contribute to projects that enhance the security posture of the enterprise. Opportunities may include
  big data analytics, automated malware analysis tools, whitelisting/blacklisting, NAC, deep packet inspection, live forensics, and others.

• Identify trends, potential new technologies, and emerging threats which may impact the business.

• Provide technical advice and input for the support of integrated security systems and solutions.

• A minimum of 3 to 5 years of work experience supporting technical or support operations. Previous security operations center experience is strongly desired.

• Strong analytical skills and an ability to quickly learn and adapt to new technologies.

• Experience operating and administrating Security Information and Event Management (SIEM) platforms.

• Possess functional knowledge and administrative experience on Windows and Unix/Linux Platforms.

• A solid foundational understanding of TCP/IP and networks to include firewalls, routers, and ACLs.

• Strong working knowledge of malware in its varying forms, common delivery mechanisms, and common mitigation steps.

• Ability to convey security concepts related cybersecurity events to both technical and non-technical audiences.

• Experience with IDS/IPS, Splunk, FireEye, and similar technologies is desired.

• A bachelor's degree in a technical discipline or a professional certification (e.g. CISSP) is preferred, but is not required.

• Prior experience with mid-range and mainframe operating environments - Tandem, MVS, TPF, OS-400 is a plus.

• Ability to communicate and collaborate effectively with other team members in a geographic and culturally diverse workforce.