Cybersecurity GRC Specialist (PCI DSS Focus) - Level 4

  • London, UK
  • Full-time

Company Description

Fascinated by the future and captivated by technology?

Smart, driven and want to make a difference in the world?

You’ll fit right in.

Join a diverse team at Visa, where your individuality fits right in. We can provide the opportunity to shape the payments experience globally. Together, let’s transform the way the world pays.

Think you know us?

Our mission is to connect the world through the most innovative, reliable and secure digital payment network that enables individuals, businesses and economies to thrive.

Individuality fuels our brand and our global team – we’re proud that we are a talented team of 15,000 individuals with unique backgrounds, perspectives and experiences. Therefore, we understand that you are much more than your day job. We encourage quality of life outside of the office. Whether it’s taking advantage of agile work schedules or our wellness programs, Visa respects and encourages meaningful work/life balance for everyone. In addition, we offer a market-leading salary and a fantastic benefits offering.

So, if you’re not satisfied with the status quo, we can satisfy your desire to explore new territory, giving you the runway to really make an impact, whilst connecting you with teams around the world in a truly inclusive culture that celebrates our uniqueness.

Job Description

If you think you could support Visa as a Cybersecurity GRC Specialist (PCI DSS Focus), we want to hear from you – together, let’s make Visa a great place to work.

What’s it all about?

Cybersecurity is at the beating heart of our business. Our diligence and expertise are what make us the undisputed leader in electronic payments. We’ve made it our priority to create top-tier governance, risk & compliance teams, poised to defend us against any potential cyber threats.

We’re looking for those of you who are inherently driven and fascinated by the art and science of cybersecurity. We’ll equip you with the very best tools so that you can deliver top notch results. 

Continuous self-development underpins job fulfilment at Visa.

GRC Mission

To proactively manage Cybersecurity risk for the enterprise within risk appetite and maintain internal and external compliance. We accomplish this through defining and driving assurance of Visa’s Cybersecurity policy and standards, ensuring that we balance our Cybersecurity risk with the growing business and that there is appropriate governance oversight.

Value Propositions

  • Drive second line governance and oversight across cybersecurity and acquired entities
  • Drive integration of acquired entities and second line governance and oversight of acquired entities
  • Proactively evaluate and report on our security posture to ensure continuous risk management
  • Ensure we evolve and maintain our internal and external compliance
  • “Connecting the dots” internally and externally

What we expect of you, day to day.

  • As a member of the Visa Europe Cybersecurity Governance Risk and Compliance team this role will be responsible for providing expert support to deliver Payment Card Industry Data Security Standard (PCI DSS) compliance internally to Cybersecurity, the wider business and externally to clients.
  • Assist with the co-ordination and delivery of Visa’s annual PCI DSS assessments.
  • Direct ownership and accountability for procedures and controls to ensure compliance with PCI DSS.
  • Take specific ownership of the Cybersecurity actions resulting from PCI assessments and compliance activity – facilitate interaction between the relevant Cybersecurity teams from issue identification through to evidence collection and issue close out.
  • Evaluate plans and evidence artefacts to validate accuracy and appropriateness for issue close out applying technical skills and prior experience.
  • Provide oversight for self-assessment and readiness programs for Cybersecurity and wider business systems and processes.
  • Partner with SMEs and stakeholders such as Internal Audit, Global Compliance, and Enterprise Risk to identify, remediate, and track Cybersecurity issues.
  • Manage communication and feedback to SMEs to close compliance gaps where identified.
  • Understand the assessment lifecycle processes followed and adapt accordingly.
  • Be able to provide support to the broader GRC vision and mission.
  • Accommodate ad-hoc activities in support of the ongoing internal and external audit and provide support if requested for other internal or external compliance activity.


What we’re after…

  • Solid understanding and experience in co-ordinating and conducting PCI assessments from a QSA or ISA perspective to financial and/or technology companies or Big 4 consulting.
  • Relevant and extensive experience in evaluating technology and/or security controls against the PCI DSS preferably for financial and/or technology companies.
  • Cybersecurity experience in a relevant industry: sound knowledge and experience of information security related technologies and practices.
  • Experience in an IT Governance, Risk and Compliance function with an emphasis on technology is advantageous.
  • Adaptable by nature with the ability to pick up and understand unfamiliar technologies and concepts for discussion with technology and business teams.
  • Ability to prioritize deliverables and projects to meet timelines efficiently and to adapt to changes in priorities quickly. Demonstrated ability to meet deadlines and commitments in an environment that requires multi-tasking among concurrent activities and frequent change of priorities.
  • Superior analytical and problem solving skills.
  • Experience working in a global organisation with the need to deliver to regional requirements.
  • Team oriented, collaborative, diplomatic and flexible. Able to work independently and as part of a team.
  • Excellent written and verbal communication skills.
  • Previous PCI ISA, PCI QSA qualification, current PCIP qualification or equivalent demonstrable experience.
  • CISM, CISSP, CISMA, CISA and auditing qualifications desirable.

Think you have what it takes?

If you are interested in a career that will challenge and inspire you – we’d love to hear from you!


Additional Information

Diversity & Inclusion

Universal acceptance for everyone, everywhere, is not only our brand promise, it’s the foundation of our company culture. We foster a feeling of connectedness in the workplace, support diversity of thought, culture and background, fight for important initiatives like Equal Pay and actively work to eliminate unconscious biases that hold us all back.

By leveraging the diverse backgrounds and perspectives of our worldwide teams, Visa is a better place to work and a better business partner to our clients.
