Sr. Software Engineer, Security Operations
- Austin, TX, USA
Visa operates the world's largest retail electronic payments network and is one of the most recognized global financial services brands. Visa facilitates global commerce through the transfer of value and information among financial institutions, merchants, consumers, businesses and government entities. We offer a range of branded payment product platforms, which our financial institution clients use to develop and offer credit, charge, deferred debit, prepaid and cash access programs to cardholders. Visa's card platforms provide consumers, businesses, merchants and government entities with a secure, convenient and reliable way to pay and be paid in 170 countries and territories.
Do you believe the best offense is a great defense? Do you enjoy creative “out of the box” thinking using your deep technical knowledge to harden applications and prevent potential attacks? If yes, and you are interested in partnering with 3rd party vendors and internal Cyber Security teams to insure Visa’s corporate applications are protected then this role is for you! The ideal candidate will have a deep understanding of today’s cyber security landscape and excellent engineering skills to manage vulnerability remediation, partner with vendors on penetration testing as well as conduct proactive security analysis and/or testing during software development lifecycle. We believe in leading by example, ownership with high standards and being curiously creative. Strong organization skills, attention to detail, and an ability to be a coach and mentor (to train other team members on security concepts) is key. Located in the Austin-based technology center and reporting to the Director of Development for Learning Technology this role will interact heavily with multiple teams including Cyber Security, Risk, Network, Operations & Infrastructure, End User Technology and business partners.
- Proactively manage the vulnerability dashboard and insure timely remediation of findings
- Manage the findings exception process for packaged and internally developed applications
- Contribute to the security update portion of the Monthly Business Review (MBR)
- Schedule and manage penetration tests with Information Security
- Manage finding remediation with developers and vendors
- Research/identify and implement resolutions for findings and vulnerabilities including understanding impact to applications (technical and functional)
- Submit and manage security assessments
- Apply security patches and system configuration application and perform validation testing post change
- Proactive testing of corporate applications (desktop and mobile) to identify issues early in the development/implementation process
- Facilitate technical discussions between vendors, Cyber Security and Risk
- Provide simplified explanation of findings to business partners and executive management including use cases for exploitation and risk
- Identify and document mitigating controls
- Lead SSO configuration/implementation and testing efforts with End User Technology and vendor partners
- Identify and implement opportunities for automation and engineering excellence
- Coordinator of project and program support functions
- A planner of many things: meetings, events, tasks
- Asker of great questions
- Builder of partnerships and alliances
- Contributor to process improvements
- 2 years of work experience with Bachelor’s Degree in Computer Science or related discipline, or an Advanced Degree (MA, PhD, etc...)
- 3 or more years work experience or more than 2 years of work experience with an Advanced Degree (MA, PhD, etc...)
- Minimum of 2 years progressively responsible experience in software and hardware vulnerability management
- Strong understanding of OWASP standard and SANS 25
- Programming experience such as C, LISP, Perl or Java to recognize threats or weaknesses embedded with program code
- Exposure to technologies such as SQL, JEE, C++, XML, XSLT, SOA, ESB, SOAP, REST Web Services
- Experience with SaaS application access using single-sign-on (SSO) with Microsoft Azure
- Vulnerability management by Qualys Certification a plus
- Demonstrated ability to absorb, analyze, and understand new information, technologies and practices quickly
- Exceptional communication and customer facing skills, able to interact effectively with diverse groups of global stakeholders, both technical and business
- Strong follow-through, problem identification, analysis and problem-solving skills
- Self-motivated with the ability to exercise independent judgment with minimal direction from supervisor
- The incumbent must make themselves available during core business hours including routine evening global meetings
- This position does not require the incumbent to travel for work.
- This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds.
To learn more about our Visa's Corporate IT Organization, visit careers.smartrecruiters.com/visa/cit
Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.