Senior Cybersecurity Engineer (WAF)

  • Ashburn, VA, USA
  • Full-time

Company Description

Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind – making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the common purpose that unites the entire Visa team. As a global payments technology company, tech is at the heart of what we do. CyberSource, a Visa company, has been and continues to be a pioneer within the e-Commerce Payment Management world. Our VisaNet network is capable of handling over 65,000 transaction messages per second for people and businesses around the world, enabling them to use digital currency instead of cash and checks.  We are also global advocates for financial inclusion, working with partners around the world to help those who lack access to financial services join the global economy. Visa’s sponsorships, including the Olympics and FIFA™ World Cup, celebrate teamwork, diversity, and excellence throughout the world. If you have a passion to make a difference in the lives of people around the world, Visa offers an uncommon opportunity to build a strong, thriving career. Visa is fueled by our team of talented employees who continuously raise the bar on delivering the convenience and security of digital currency to people all over the world. Join our team and find out how Visa is everywhere you want to be.

Job Description

You will develop, support, tune and deploy security solutions across Visa. Primary day-to-day job duties involve:

  • Web Application Security: Engineering, deployment, and operations of security solutions, including Database Activity Monitoring and Web Application Firewall, as well as integration of those platforms with other solutions as required.
  • Application Logging: Enrolling log sources, administration, content development, and working with our logging solutions customers/stakeholders across the globe. Working with commercial and open-source solutions such as Splunk, ArcSight, IBM QRadar, Sumo Logic, Imperva, and ELK Stack.
  • Security Software Development: Scripting and development in Python, shell scripting, and development in other languages

Responsibilities:

Web and Database Application Security:

  • Engineers, configures, deploys, and maintains Web Application Firewall solutions
  • Develops advanced scripts for manipulation of multiple data repositories to support analyst requirements
  • Develops advanced alerts/reports to meet the requirements of key stakeholders
  • Develops scalable security management tools and processes
  • Develops automation for security tools management and workflow integration
  • Collaborates with key stakeholders within Information Security and Engineering teams to develop specific use cases to address specific business needs
  • Creates WAF rules to mitigate threats and implements best practices

Application Logging:

  • Lead logging enrollments from multi-tier applications into the enterprise logging platforms
  • Develop specific content necessary to implement Security Use Cases and transform into correlation queries, templates, reports, rules, alerts, dashboards, and workflow
  • Develop advanced scripts for manipulation of multiple data repositories to support analyst requirements
  • Develop advanced reports to meet the requirements of key stakeholders
  • Develop scalable security management tools and processes
  • Engineer, configure and deploy enterprise SIEM/SEM solutions on-prem and in the cloud
  • Develop automation for security tools management
  • Collaborate with key stakeholders within Cyber Security to develop specific use cases to address specific business needs
  • Collaborate with application owners to define and establish logging standards to address various governance requirements.

Qualifications

Over 6 years of experience in the cybersecurity space required:

Development Experience:

  • Expert Python scripting, Perl, shell scripting. Development experience in C++, Java, JavaScript
  • Excellent experience with Regular Expressions

Application Security:

  • Knowledge of SSDLC processes
  • Required knowledge of open source and commercial application security tools and frameworks, including but not limited to Kali Web application testing tools
  • Experience in exploiting web apps and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks. 
  • Excellent understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms
  • Experience with Web Application Firewall management and rules
  • Well versed in system exploits (e.g. buffer overflows, PTH attacks, Windows authentication framework, etc.)
  • Excellent understanding of common network and web protocols
  • Excellent understanding of DDoS techniques and mitigation mechanisms

Cloud Security:

Application Logging:

  • Expertise in log aggregation, correlation and alerting using commercial and open-source tools
  • Experience in administration of commercial and open-source SIEM solutions

Cyber Defense and Incident Response:

  • Solid understanding of events, related fields in log records and alerts reported by various data sources such as Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies
  • Prior experience in Security Operations and Incident Response
  • Excellent understanding of Cyber Security Operations, Incident Response processes

Infrastructure management and support:

  • System administration experience in a Windows and Unix environment
  • Experience working in a large enterprise environment
  • Experience integrating solutions in a multi-vendor environment
  • Familiarity with Atlassian JIRA

Database Security:

  • Experience in database security and administration (Oracle, MySQL/SQL, DB2)
  • Experience working with Big Data platforms/non-relational databases
  • Experience working with Hadoop
  • Experience developing data analytics/anomaly detection algorithms.

Educational, Certifications and Other:

  • Excellent communication skills
  • Excellent team player
  • CISSP, SANS GPEN, SANS GXPN, SANS GIAC, SANS GREM, AWS Security (at least some of these)
  • OSCP (Offensive Security Certified Professional) is a plus
  • Bachelor’s degree in engineering, computer science, information security, or information systems

Additional Information

All your information will be kept confidential according to EEO guidelines.

“Visa will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of Article 49 of the San Francisco Police Code.”
