Sr. Software Engineer - Security, Learning Enablement

  • Austin, TX, USA
  • Full-time

Company Description

Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind – making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the common purpose that unites the entire Visa team. As a global payments technology company, tech is at the heart of what we do: Our VisaNet network processes over 13,000 transactions per second for people and businesses around the world, enabling them to use digital currency instead of cash and checks. We are also global advocates for financial inclusion, working with partners around the world to help those who lack access to financial services join the global economy. Visa’s sponsorships, including the Olympics and FIFA™ World Cup, celebrate teamwork, diversity, and excellence throughout the world. If you have a passion to make a difference in the lives of people around the world, Visa offers an uncommon opportunity to build a strong, thriving career. Visa is fueled by our team of talented employees who continuously raise the bar on delivering the convenience and security of digital currency to people all over the world. Join our team and find out how Visa is everywhere you want to be.

Job Description

Do you believe the best offense is a great defense? Do you enjoy creative “out of the box” thinking using your deep technical knowledge to harden applications and prevent potential attacks? If yes, and you are interested in partnering with 3rd party vendors and internal Cyber Security teams to ensure Visa’s corporate applications are protected then this role is for you! The ideal candidate will have a deep understanding of today’s cyber security landscape and excellent engineering skills to manage vulnerability remediation, partner with vendors on penetration testing as well as conduct proactive security analysis and/or testing during software development lifecycle. We believe in leading by example, ownership with high standards and being curiously creative. Strong organization skills, attention to detail, and an ability to be a coach and mentor (to train other team members on security concepts) is key. Located in the Austin-based technology center and reporting to the Director of Development for Learning Technology this role will interact heavily with multiple teams including Cyber Security, Risk, Network, Operations & Infrastructure, End User Technology and business partners.

To learn more about Visa's Corporate IT Organization visit: careers.smartrecruiters.com/visa/cit

Responsibilities:

  • Proactively manage the vulnerability dashboard and ensure timely remediation of findings
  • Manage the findings exception process for packaged and internally developed applications
  • Contribute to the security update portion of the Monthly Business Review (MBR)
  • Schedule and manage penetration tests with Information Security
  • Manage finding remediation with developers and vendors
  • Research/identify and implement resolutions for findings and vulnerabilities including understanding impact to applications (technical and functional)
  • Submit and manage security assessments
  • Apply security patches and system configuration application and perform validation testing post change
  • Proactive testing of corporate applications (desktop and mobile) to identify issues early in the development/implementation process
  • Facilitate technical discussions between vendors, Cyber Security and Risk
  • Provide simplified explanation of findings to business partners and executive management including use cases for exploitation and risk
  • Identify and document mitigating controls
  • Lead SSO configuration/implementation and testing efforts with End User Technology and vendor partners 
  • Identify and implement opportunities for automation and engineering excellence

 

Essential Functions:

  • Coordinator of project and program support functions
  • A planner of many things: meetings, events, tasks
  • Asker of great questions
  • Builder of partnerships and alliances
  • Contributor to process improvements

Qualifications

Basic Qualifications:

  • 2 years of work experience with Bachelor’s Degree in Computer Science or related discipline, or an Advanced Degree (MA, PhD, etc...)
Preferred Qualifications: 
  • 3 or more years work experience or more than 2 years of work experience with an Advanced Degree (MA, PhD, etc...)
  • Minimum of 2 years progressively responsible experience in software and hardware vulnerability management
  • Strong understanding of OWASP standard and SANS 25
  • Programming experience such as C, LISP, Perl or Java to recognize threats or weaknesses embedded with program code
  • Exposure to technologies such as SQL, JEE, C++, XML, XSLT, SOA, ESB, SOAP, REST Web Services
  • Experience with SaaS application access using single-sign-on (SSO) with Microsoft Azure
  • Vulnerability management by Qualys Certification a plus
  • Demonstrated ability to absorb, analyze, and understand new information, technologies and practices quickly
  • Exceptional communication and customer facing skills, able to interact effectively with diverse groups of global stakeholders, both technical and business
  • Strong follow-through, problem identification, analysis and problem-solving skills 
  • Self-motivated with the ability to exercise independent judgment with minimal direction from supervisor

Additional Information

    Physical Requirements:

    • This position will be performed in an office setting.  The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, and reach with hands and arms.


    Travel Requirements:

    • The incumbent will be expected to travel <5% of the time


    Work Hours:

    • The incumbent will be expected to work during core business hours. 

     

    Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

    Privacy Policy