Information Security Analyst

  • Full-time
  • Job Family Group: Technology and Operations

Company Description

Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind – making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the common purpose that unites the entire Visa team. As a global payments technology company, tech is at the heart of what we do: Our VisaNet network processes over 13,000 transactions per second for people and businesses around the world, enabling them to use digital currency instead of cash and checks. We are also global advocates for financial inclusion, working with partners around the world to help those who lack access to financial services join the global economy. Visa’s sponsorships, including the Olympics and FIFA™ World Cup, celebrate teamwork, diversity, and excellence throughout the world. If you have a passion to make a difference in the lives of people around the world, Visa offers an uncommon opportunity to build a strong, thriving career. Visa is fueled by our team of talented employees who continuously raise the bar on delivering the convenience and security of digital currency to people all over the world. Join our team and find out how Visa is everywhere you want to be.

“Visa will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of Article 49 of the San Francisco Police Code.”


Job Description

This position will serve as part of Visa's Information Security Audit, Compliance, and Regulatory team, providing oversight, coordination, and delivering the activities supporting successful internal audits and external compliance, and regulatory activities. This role ensures the ongoing effectiveness of Information Security controls (automated, manual, and needing development), working with a variety of control owners within the Information Security organization, and evaluating control design and standards in a variety of program areas. Areas of focus include ongoing internal audits, annual compliance and regulatory activities with QSAs, Global Compliance, and Enterprise Risk. This position requires an individual that can effectively balance the individual elements of each of these activities, while keeping the overall program on track for annual certification. This position will also support the sharing/dissemination of this information to external customers and clients, upon request, following Visa's requirements and representing Information Security as a strong and effective communicator and liaison.

Qualifications


  • Must have 1+ years of work experience in Information Security, Audit, Risk, and/or Compliance. Open to experience in other relevant fields (i.e., finance, business administration, information technology, etc.) as
    along as candidate can demonstrate relevancy to this Information Security based role.

  • Must have 1+ years direct participation and experience across common industry security policy areas, including, but not limited to ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE16, and others

  • Bachelor’s Degree in Business, Information Systems Management (or related field) or equivalent work experience. Master's Degree with minimal experience will also be considered

  • Proven experience working with multiple individuals on internal and external delivery and communication initiatives.

  • Ability to synthesize a variety of data points into comprehensive and effective execution and risk mitigation plans.

  • Strong executive presence and communication skills - experience in Audit/Compliance/Regulatory discussions and proactive readiness activities with internal partners and external customers/clients.

  • Delivers effective and strong documentation to support compliance and certification audits.

  • Must be extremely flexible and able to manage multiple tasks and priorities on very tight deadlines.

  • CISSP, CISA Certifications preferred

Additional Information

RESPONSIBILITIES

  • Support Audit, Compliance, and Regulatory programs for Information Security and its Technology organization internal business partners

  • Participate in a primary capacity for audits, compliance, and regulatory activities,
    including, but not limited to: FFIEC, GLBA, SSAE16, PCI, Sarbanes-Oxley (SOX), Internal Audit, & Customer/Client Inquiry

  • Possess knowledge of the information security, financial, and/or technology regulatory environment and risk management practices

  • Provide oversight and align resources for program activities across a global security organization

  • Work collaboratively with corporate compliance, internal audit, enterprise risk management and various technical teams in the design and implementation of audit, regulatory, and compliance practices for Information Security

  • Promote proactive readiness activities and enhancement of Information Security-based internal controls to support future internal and external reviews
  •  
  • Develop data points into Information Security risk management reporting activities, including dashboards, metrics, and executive reporting content

  • Advises Information Security leadership on the status of technology risk and compliance issues based on assessment results and information from various monitoring and control systems.


Privacy Policy