Director – Governance Risk & Compliance
- Foster City, CA, USA
As the world’s leader in digital payments technology, Visa’s mission is to connect the world through the most creative, reliable and secure payment network - enabling individuals, businesses, and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company’s dedication to innovation drives the rapid growth of connected commerce on any device, and fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce.
At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, and be part of an inclusive and diverse workplace. We are a global team of disruptors, trailblazers, innovators and risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, and doing meaningful work that brings financial literacy and digital commerce to millions of unbanked and underserved consumers.
You’re an Individual. We’re the team for you. Together, let’s transform the way the world pays.
This hands-on leadership position will serve as part of Visa's Cybersecurity Governance Risk Compliance (GRC) organization, embedded with Assurance program to develop, enhance and mature Cybersecurity Controls monitoring program. This position requires a leader with strong communication skills, can effectively balance multiple initiatives, work with all Cybersecurity teams to provide real-time Cybersecurity controls effectiveness posture to senior leadership. This position will also work with Cybersecurity teams to drive continuous process improvements and greater automation to deliver best of industry tools to improve process effectiveness and efficiency in GRC organization.
- Minimum of Bachelor’s degree or equivalent
- Experience across common industry security policy areas, including, but not limited to ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE16, and others
- 8-12 years of work experience
- Experience including leadership roles in Cybersecurity, Controls Monitoring, Audit, Risk, and/or Compliance. Open to experience in other relevant fields (e.g., finance, business administration, information technology, etc.) as long as candidate can demonstrate relevancy to this Cybersecurity based role.
- Must be able to work with Global teams with focus on cross-functional team’s success.
- Deep knowledge about Security monitoring tools, databases and dashboard products.
- Ability to build Enterprise wide programs from inception to fully operationalized and optimized stage.
- Excellent Data gathering, analysis and reporting skill.
- Bachelor’s Degree in Business, Information Systems Management (or related field) or equivalent work experience
- Proven experience working with multiple individuals on internal and external delivery and communication initiatives.
- Ability to synthesize a variety of data points into comprehensive and effective execution and risk mitigation plans.
- Flexible and able to manage multiple tasks and priorities on very tight deadlines.
- CISSP, CISA Certifications preferred.
- Work with executives, stakeholders and teams to define and establish an enterprise-wide Cybersecurity controls compliance monitoring program
- Develop a road-map and implement a controls compliance monitoring program to meet stakeholder and regulatory requirements
- Define a continuous compliance framework including reporting requirements and appropriate security metrics to monitor and demonstrate the efficacy of enterprise Cybersecurity controls
- Collaborate with multiple stakeholders to collect, analyze and report on real-time controls effectiveness posture for platforms and assets to senior leadership.
- Provide continuous monitoring and work with Cybersecurity teams to address and remediate identified control weaknesses.
- Identify ways to increase efficiencies and leverage technology to automate
- Possess in-depth knowledge of the Cybersecurity, financial, and/or technology regulatory environment and risk management practices
- Develop data points into Cybersecurity risk management reporting activities, including dashboards, metrics, and executive reporting content
This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds.
Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.