Director Technology Risk Management – Control Monitoring
- Foster City, CA, USA
As the world’s leader in digital payments technology, Visa’s mission is to connect the world through the most creative, reliable and secure payment network - enabling individuals, businesses, and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company’s dedication to innovation drives the rapid growth of connected commerce on any device, and fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce.
At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, and be part of an inclusive and diverse workplace. We are a global team of disruptors, trailblazers, innovators and risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, and doing meaningful work that brings financial literacy and digital commerce to millions of unbanked and underserved consumers.
You’re an Individual. We’re the team for you. Together, let’s transform the way the world pays.
Visa is seeking a Control Monitoring Director that will work with our internal teams to track and monitor key technology risks. Specifically, the candidate will create, maintain, and enhance data models and drive report output for key technology threat vectors such as application and infrastructure risk, third party technology suppliers, security incidents, data transfers, vulnerability assessments, system entitlements, etc. The candidate will also be responsible for identifying, building, and enhancing data sources that feed the risk models for ongoing risk monitoring and process improvement that will impact and achieve goals. In addition to construction of the technical environment and data population, this individual will be fundamental in interpreting the data as a subject matter expert adding value to Visa’s overall Technology Risk Management framework. The candidate will collaborate with key technology partners across the organization, and distill information into management and executive-level reporting. The candidate will have a strong understanding of technology risks and controls, and effectively collaborate with multiple stakeholders. The position reports to the Senior Director of Technology Risk (within our Enterprise Risk Management organization).
- Assist with coordinating reviews on Visa’s technology environment executed by independent organizations:
- Design, Develop, Maintain, and Enhance data models for key Technology Risk Management threat vectors
- Identify data sources internally that can be used to populate the models on a monthly basis
- Obtain ongoing feeds from primary data owners with adequate hygiene for all required data elements
- Manage a data dictionary for all data fields and sources, with a trigger mechanism for values outside of acceptable tolerances
- Create a data repository that consolidates the info and tracks the information from month to month
- Produce output of results on a monthly, quarterly, and annual basis for senior management
- Deliver on commitments made by Visa to the FFIEC and European regulators on ongoing risk and control monitoring and testing.
At Visa, everyone is a leader. We have a core set of principles that we share amongst our employees. These Leadership Principles apply to everyone at Visa, regardless of role, title, level, function or location. The successful candidate will possess the ability to lead by example, communicate openly, enable and inspire, excel with partners, act decisively, and collaborate.
- 12+ years of experience with data modeling, data analysis, and technology risk related controls required
- 12+ years of experience with data aggregation, data consolidation, and senior level data output required
- Knowledge of Cybersecurity (e.g. application compliance, third party technology risk, identity and access management, security incidents, etc.) required
- Knowledge of Business Continuity, Records Management, and Issue Management related data attributes and risk drivers required
- Ability to prioritize deliverables and projects to meet timelines efficiently and adapt to changes in priorities quickly
- Analytical and problem solving skills
- Ability to effectively communicate formally and informally
- Ability to facilitate group discussions and debate across geographic, functional lines and levels
- Bachelor's Degree required
- Experience in regulated industries required
- Experience in payment platforms preferred
- CISA, CISM, CISSP, certification preferred
All your information will be kept confidential according to EEO guidelines.