Director, Technology Risk Management
- Foster City, CA, USA
Visa USA is a Visa company. Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind – making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the common purpose that unites the entire Visa team. As a global payments technology company, tech is at the heart of what we do: Our VisaNet network processes over 13,000 transactions per second for people and businesses around the world, enabling them to use digital currency instead of cash and checks. We are also global advocates for financial inclusion, working with partners around the world to help those who lack access to financial services join the global economy. Visa’s sponsorships, including the Olympics and FIFA™ World Cup, celebrate teamwork, diversity, and excellence throughout the world. If you have a passion to make a difference in the lives of people around the world, Visa offers an uncommon opportunity to build a strong, thriving career. Visa is fueled by our team of talented employees who continuously raise the bar on delivering the convenience and security of digital currency to people all over the world. Join our team and find out how Visa is everywhere you want to be.
Visa is seeking an experienced technology risk management resource that will manage our overall approach to risk evaluation and assessment within our Technology Risk Management function. The candidate will be responsible for aligning the risk management activities with the overall enterprise risk framework. The role will collaborate with other risk management functions and programs, such as Cybersecurity and IT Disaster Recovery, to drive the efficient assessment of risk, and ensure appropriate and rapid escalation of those risks as necessary. The candidate must have a deep understanding of technology risks and controls, particularly data security and availability risks. In addition, the candidate will enhance ways of communicating risks to senior and executive leadership. The candidate will collaborate with other team members involved in the overall process, and will help to ensure that risks are processed and evaluated timely.
- Oversee the execution of the risk assessment process, identifying and remediating inefficiencies in the process as necessary
- Identify opportunities to implement automation that will reduce manual risk assessment tasks
- Evaluate the evolving technology threat landscape and ensure enhanced risk evaluation techniques are incorporated
- Identify and communicate emerging risks, and ensure they are assessed and controlled or mitigated as necessary
- Attend and provide information on risk assessment at governance and leadership meetings
- Develop reporting to inform management and governance committees of risk
- Collaborate with other teams involved in the process (e.g. Cybersecurity, Operations & Infrastructure, Corporate IT, etc.)
- Provide the first level of review of risk assessments and exceptions to ensure sufficient information is included in requests
10 years of work experience with a Bachelor’s Degree or at least 8 years of work experience with an Advanced Degree (e.g. Masters/MBA/JD/MD) or at least 3 years of work experience with a PhD
- Bachelor's Degree and 10+ years of relevant experience
- Experience leading and managing teams
- Demonstrate proven success in a role that emphasizes managing various technical aspects of the following: IT Audits, IT Risk Management, Information Security and/or Technical Privacy
- Ability to work independently with minimum oversight. Self–starter and a team player; interested in joining and maintaining a collegial work environment
- Knowledge of Cybersecurity (e.g. access management, data security, etc.), availability (e.g. incident and change management, capacity management), and business continuity risks and controls
- Experience with Information Security, Risk Management and industry standards such as ISO 27001, NIST, FFIEC IT Handbook, PCI, etc.
- Ability to convey technology risk management concepts to both technical and non-technical audiences. The candidate must be able to translate technology risks to business impacts
- Strong ability to prioritize deliverables and projects to meet timelines efficiently, to adapt to changes in priorities quickly
- Possess solid analytical and problem solving skills
- Strong written and verbal communication skills
- Communicate effectively, formally and informally, to senior management and governance committees
- Ability to facilitate group discussions and debate across functional lines and levels
- CISSP, CISM or CISA certification
- MBA or advanced degree
- Experience in regulated industries
- Prior experience in payments
All your information will be kept confidential according to EEO guidelines.
This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, and reach with hands and arms.
This position requires the incumbent to be available during core business hours
This position requires the incumbent to travel for work 0% of the time.