Senior Security Automation Engineer (REF14878K) - Digital Developer Platform (VDDP)
- Austin, TX, USA
Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind – making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the
common purpose that unites the entire Visa team. As a global payments technology company, tech is at the heart of what we do: Our VisaNet network processes over 13,000 transactions per second for people and businesses around the world, enabling them to use digital currency instead of cash and checks. We are also global advocates for financial inclusion, working with partners around the world to help those who lack access to financial services join the global economy. Visa’s sponsorships, including the Olympics and FIFA™ World Cup, celebrate teamwork, diversity, and excellence throughout the world. If you have a passion to make a difference in the lives of people around the world, Visa offers an uncommon opportunity to build a strong, thriving career. Visa is fueled by our team of talented employees who continuously raise the bar on delivering the convenience and security of digital currency to people all over the world. Join our team and find out how Visa is everywhere you want to be.
Visa's Digital and Developer Platform (DDP) team is building a new generation of products to facilitate commerce in everyone's digital and mobile lives. Our focus is to build intuitive features that expose profound new value for our customers, merchants and developers.
DDP is looking for a Senior Security Automation Engineer focused on building security capabilities around digital and mobile products. Security is Visa’s number 1 priority and requires deep cross functional collaboration between architects, developers, and engineers. The Senior Security Automation Engineer will be part of the DDP Security Automation Team focused on delivering innovative solutions to ensure secure product lines.
You are expected to work closely with architects, developers, testers, and our Corporate security organization, to deliver security solutions using hands-on experience in security solutions and services. You need to be a self-starter, a quick learner of new technologies and have experience in product security such as secure application design, static code analysis and web/mobile application vulnerabilities, and penetration testing. You will be hands-on and a critical part of the engineering team for a high-performance product security automation framework development, evangelism, and maintenance.
· Automate DDP's security operations and aid governance
· Participate in all stages of development from design through implementation
· Understand current security posture of product ecosystem and specifics for DDP's solutions
· Implement cutting edge security technologies, drive towards adoption, create proof-of-concept and frameworks
· Partner with Visa Security teams and enable enterprise wide security capabilities for DDP's services, solutions and ecosystems
· Collaborate with cross-functional peers to influence industry standards adoption
· Integrate security capabilities with other security pillars that include identity access management, data protection, network security and application security
· Work with cross-functional experts to set strategic direction for Application and Infrastructure Security
- BS or MS in Computer Science, Engineering or Information Systems Management with a Security concentration and 5 or 2 years respectively of industry experience
- Strong problem solving and analytical skills
- Ability to quickly digest any issue/problem encountered and recommend an appropriate solution
- Excellent verbal and written communication skills including the ability to author and present materials ranging from detailed technical specifications to high-level presentations
- Technical experience with security technologies including, but not limited to, intrusion detection/prevention, event correlation, firewall, antivirus, anti-spam, policy enforcement, patch/configuration management, usage monitoring, audit, secure application development, etc.
- Hands on experience in using Penetration Testing or Dynamic Application Security Testing Tools (Burp Suite Pro, Checkmarx, Blackduck, Vega, Wapiti, W3af, SQLMap or commercial products Acunetix/Netsparker/Metasploit) is a must
- Experience in CI/CD, understanding of various CI/CD tools and frameworks like Jenkins, Maven, Hudson, Artifactory, Bamboo, Chef, Ansible
- Experience in SSL/TLS, Keystores, RBAC, etc.
- Experience in deployment processes and best practices
- Well versed with J2EE ecosystem with hands on knowledge of core java, Spring, Cryptography, Hibernate, Kafka, Maven, etc.
- Knowledge in payment services and systems is a plus
- Knowledge payment compliance and standards (PCI DSS, FFIEC, NIST Security Standards) is a plus
- Industry security certifications (i.e. CISSP, CISSP-ISAAP, CISA, CISM) is a plus
All your information will be kept confidential according to EEO guidelines.