Security Analyst

  • Full-time
  • Job Family Group: Technology and Operations

Company Description

Visa operates the world's largest retail electronic payments network and is one of the most recognized global financial services brands. Visa facilitates global commerce through the transfer of value and information among financial institutions, merchants, consumers, businesses and government entities.

We offer a range of branded payment product platforms, which our financial institution clients use to develop and offer credit, charge, deferred debit, prepaid and cash access programs to cardholders. Visa's card platforms provide consumers, businesses, merchants and government entities with a secure, convenient and reliable way to pay and be paid in 170 countries and territories.

Job Description

 

Job Description:

  • The Information Security Analyst partners with IT groups, business groups, and project teams to perform security risk and compliance assessments for applications, infrastructure, and vendor / third parties. The Security Assessor will also support the review of VISA Key Controls and Technical Security Requirements
     
  • Perform security risk analysis and compliance assessments as necessary in accordance with industry "best practice" to deliver comprehensive, contextualized, actionable information
     
  • Execute, examine and test procedures in accordance with industry, regulatory, and corporate requirements
     
  • Support Information Security Assessment Team as an intermediate professional on IT risk within one of Visa's technology organizations
     
  • Affirm and advance various stakeholder's understanding of, and their responsibilities with respect to, the Payment Card Industry (PCI) Data Security Standard (DSS)
     
  • Assist remediation planning, governance, and risk treatment activities as required
     
  • Support and manage multiple SAs and other consulting projects in fast-paced environments
    Contribute "best practices" in terms of findings, checklists, templates, testing methods, and techniques to support and advance a "best of breed" Security Assessment program
     
  • Provide periodic, dynamic updates on security assessment analysis and security posture with an emphasis on deliverables
     
  • Build an extensive network of positive relationships throughout Visa and its technology organizations to be leveraged to accomplish the broad requirements of this position
     
  • Promote information security as an enabler of the organization's core business processes
     
  • Support implementation and enforcement of Visa's information security programs and policy
     
  • Prescribe security improvements for Visa's environment which resolve or mitigate SA findings or otherwise enhance security posture to achieve compliance with PCI, NIST, and corporate control policy
     
  • Provide input to corporate initiatives to establish security criteria or specifications for Information Security as required
     
  • Contribute individual skills and experience to advance development of the Security Assessment program
    Respond and escalate if necessary, to urgent security-related issues at any time
     
  • Uphold the maxim of “Accuracy, Consistency, and Alignment” for all deliverables
     

 

Qualifications

 

Qualifications:

 

  • 3+ years of IT experience in highly-regulated organizations
     
  • 2+ years of IT security experience, in security risk and compliance assessments for applications, infrastructure, and vendor / third parties, review of technical security requirements, review, approve and track security exceptions and remediation.
     
  • Intermediate knowledge of industry-relevant regulation including Payment Card Industry (PCI) Data Security Standard (DSS), NIST, and FFEIC
     
  • Intermediate understanding of information security “best practices” including principles, security protocols and standards material such as OWASP Top 10 and SANS Critical Security Controls
     
  • Understand and be well-versed in common Cyber Threat terminology, vulnerability and penetration test methodologies; possess basic knowledge of cyber incident and response, and related current events
     
  • Intermediate understanding of business, finance, and management concepts
     
  • Articulate communicator, demonstrating mastery of both spoken and written English, with the ability to tailor deliverables appropriately
     
  • Strong critical thinking skills; ability to quickly comprehend problems, develop hypotheses, draw logical conclusions, develop solutions, and respond accordingly
     
  • Strong ability to lead, coordinate, and motivate other people, especially those outside of a direct reporting relationship
     
  • Proven history of being a self-starter: proactively identifying problems, determining pragmatic solutions, identifying and obtaining needed resources, and executing with limited supervision
     
  • Relevant undergraduate degree or equivalent professional experience
     

 

 

Preferred Qualifications:

  • Preferred undergraduate degrees include computer science, management of information security, etc.
     
  • Professional experience within financial services, banking, or critical infrastructure organizations
     
  • Advanced Information Security certification (CISSP or equivalent is preferred, but CISM, CEH, or similar certifications are also useful)
     
  • Advanced Auditing certification (CISA, etc.)

Additional Information

All your information will be kept confidential according to EEO guidelines.

Privacy Policy