Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind – making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the common purpose that unites the entire Visa team. As a global payments technology company, tech is at the heart of what we do: Our VisaNet network processes over 13,000 transactions per second for people and businesses around the world, enabling them to use digital currency instead of cash and checks. We are also global advocates for financial inclusion, working with partners around the world to help those who lack access to financial services join the global economy. Visa’s sponsorships, including the Olympics and FIFA™ World Cup, celebrate teamwork, diversity, and excellence throughout the world. If you have a passion to make a difference in the lives of people around the world, Visa offers an uncommon opportunity to build a strong, thriving career. Visa is fueled by our team of talented employees who continuously raise the bar on delivering the convenience and security of digital currency to people all over the world. Join our team and find out how Visa is everywhere you want to be.

JOB SUMMARY
Information Security is an integral part of Visa’s corporate culture. It is essential to maintaining our position as an industry leader in electronic payments, and it is the responsibility of each and every employee to safeguard information, protect it from unauthorized access, and ensure regulatory compliance. Information Security has a significant effect on privacy, consumer confidence, external reputation, and it is a priority on everyone’s agenda.
The successful candidate will join Global Information Security and will be responsible for the leadership, development, implementation, and operations of the Cyber Security program in China. This person will lead a team of high performing security engineers, analysts, and incident responders at one of Visa’s operations centers. The position manages a team that identifies cybersecurity threats to Visa and performs necessary countermeasures to mitigate identified threats. In addition, this leader will manage a team of advanced security engineers who evaluate, design, deliver, and operationalize new security solutions to counter the latest threats to the cyber environment. The team is part of a larger organization located across multiple geographic sites that is responsible for the comprehensive cyber defense of Visa and its subsidiaries.
The successful candidate must be able to instill a culture that strives toward the highest standards in security engineering and operational excellence while ensuring that business requirements are understood and adhered to and that security risks in new and existing infrastructure are properly understood and mitigated.

RESPONSIBILITIES

• Understand Visa’s holistic cybersecurity strategy. Provide leadership and direction to ensure the organization’s priorities are given appropriate focus.

• Direct, guide, and oversee the activities of incident response and analytical staff who are charged with the analysis of threat identification information from an array of sensors and the rapid resolution of any identified threats.

• Build and develop a talented team of technology professionals to include team member selection, goal setting, annual reviews, and career development.
• Instill and foster a culture of excellence, integrity, and professionalism; one that works toward the highest standards in security and while balancing the needs of the business.

• Conduct reviews of threat analysis activities performed by staff members to identify important trends and opportunities for improvement.

• Recommend courses of action based on analysis of both existing and emerging threats. Deliver reports, briefings, and assessments to leadership to facilitate their understanding of emerging issues.

• Provide oversight to incident response activities (triage, root cause analysis, escalations, notifications, communication, etc.) and develop strategies to contain and eradicate the incident. Ensure operations are recovered seamlessly.

• Provide leadership and guidance to both technical teams and business leaders during large incident responses and major cases.

• Serve as a subject matter expert in the identification of cyber threat events and incident response.

• Incorporate intelligence provided by a partner team to conduct proactive and reactive operations to mitigate emerging threats to Visa

• Develop and improve KPIs, metrics, and trending to inform Visa leadership.

• Develop and refine processes, procedures, and techniques used by the team to continually improve operational excellence.

• Provide guidance and mentor technical staff on incident handling and serve as an escalation point for analysts and malware specialists.

• Work with colleagues in other technology departments as well as the business and product offices to establish effective, productive business relationships.

• Provide leadership in the innovation of cutting-edge security technologies and utilize a risk-based approach to properly test and introduce them into the overall environment.

• Lead global projects, develop timelines, manage project teams, and drive deliverables to be on time and within budget.

• Guide the identification of cybersecurity threats and perform analysis of reported anomalies on Visa networks and systems

• Provide support from the proof of concept phase to deployment, defense, and sustained engineering for multiple security detection and alerting tools, including:
o Firewalls
o Intrusion Protection/Detection Systems
o Web Proxies
o Web Application Firewalls
o DDoS Mitigation Services

• Work with the team to:
o Monitor information security alerts though the use of a Security Information and Event Manager (SIEM) to triage, mitigate, and escalate issues as needed while capturing essential details and artifacts
o Utilize sensor data and correlated logs containing IDS/IPS, AV, Windows events, web proxy, and similar data to establish context and to rule-out false positives.

• Work closely with other network and security teams within Visa, maintaining up to the minute information about the underlying network and security requirements to optimize security tool deployment as well as operationalize actionable intelligence.

• Build systems to automate deployment, configuration, and reduce human error for repeatable and well understood tasks.

• Work with Cyber Security and Risk Management teams to achieve Global Information Security program objectives.

• Implement simplified security metrics approach that enables executive leaders, line managers, and operational staff to quickly take action on security related risks.

• Collaborate with all internal and 3rd party security and audit teams to implement security controls that will protect the Visa brand from real or perceived security threats

• Work alongside a world-class, high performance security team comprised of engineering, operations and consultative internal advisory professionals globally.

• Effectively manage reported system, application and device vulnerabilities and through remediation and maintenance in adherence with incident response policies.

• Develop and optimize processes to improve security threat identification and remediation

• Experience with applicable control frameworks and compliance mandates, including “Basic Standard”, PBOC, ISO 2700x, PCI, GLBA, HIPAA, SSAE16, etc.

• 10 years plus in technology, information security, and/or network administration

• Minimum of 5 years working on information security with a large, mission-critical enterprise environment

• Demonstrated experience in an enterprise-level incident response team or security operations center is a plus.

• Have practical, hands-on experience and possess a good understanding of several common security tools, such as a SIEM, IDS, DLP, WAF, as well as host and network forensics tools.

• Strong understanding of networks, endpoint security, and application layer gateway technologies

• Strong understanding of web application design, function and secure software development lifecycle (SSDLC)

• Strong working knowledge of malware in its varying forms, common delivery mechanisms, and common mitigation steps

• Operational knowledge of systems, databases and network security engineering best practices

• Solid problem solving and analytical skills with the ability to quickly evaluate issues and recommend an appropriate solution

• Ability to communicate technical matters in written and spoken English & Mandarin Chinese
Ability to convey security concepts related cybersecurity events to both technical and non-technical audiences

• Undergraduate degree in Computer Science, Electrical Engineering or a related technical discipline; advanced degree highly preferred

The successful candidate will have significant experience in:
• Strong people management skills with demonstrated ability to grow and mentor a high performing team

• Reputation for being a collaborative thought partner and business leader, skilled at leveraging formal and informal networks

• Leading, recruiting, growing and retaining high-caliber data talent at scale

• Leading organizational transformations along dimensions such as deep partnerships and agile collaboration with business, fostering a culture that encourages innovation

All your information will be kept confidential according to EEO guidelines.