Intern - Cybersecurity (Masters Degree) - Multiple Locations
- Foster City, CA, USA
Note: By applying to this position your application is automatically considered for the following locations: Foster City, CA; Ashburn, VA; Austin, TX; Highlands Ranch, CO
As the world’s leader in digital payments technology, Visa’s mission is to connect the world through the most creative, reliable and secure payment network - enabling individuals, businesses, and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company’s dedication to innovation drives the rapid growth of connected commerce on any device, and fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce.
At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, and be part of an inclusive and diverse workplace. We are a global team of disruptors, trailblazers, innovators and risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, and doing meaningful work that brings financial literacy and digital commerce to millions of unbanked and underserved consumers.
You’re an Individual. We’re the team for you. Together, let’s transform the way the world pays.
Data breaches and identity theft pose an existential threat to our business, and in today’s hyper-connected world, that threat is escalating. The growth of digital, mobile and Internet of Things (IoT) is bringing payments to millions of new connected devices—and millions of new potential entry points for cybercriminals. Today’s criminals are relentless in their attempts to exploit vulnerabilities with increasingly sophisticated malware, social engineering, and brute force attacks. To protect Visa’s assets in this dynamic threat landscape, we’re deploying new cyber-security tools, collaborating across industries, and taking a proactive approach to monitoring the cyberspace beyond the Visa network.
We have matured from a compliance-driven organization to an agile one that can actively defend against threats and proactively manage risk for the enterprise. To maintain our impressive track record of zero breaches to the Visa network, we must stay vigilant in tracking our adversaries and evolving our approach to thwart new and emerging attack vectors.
Teams Actively Hiring within Cybersecurity
Security Architecture and Engineering
Defines and attests security architecture and standards for all Technology solutions, infrastructure, and applications. Also engineers security solutions and services to reduce attack surface in Visa’s products and infrastructure.
Identity and Access Management (IAM)
IAM is the security and business discipline that enables the right user to access the right resources at the right time and for the right reasons. Key IAM functions include access requests, user on-boarding, off-boarding, transfers, user access re-certification; privileged access management, single-sign-on, multi-factor authentication, and role based access control. IAM strives to set the correct balance between convenience/user-experience and compliance/enterprise risk reduction.
Focuses on delivery of 24x7x365 days security monitoring, incident response and investigations, and threat intelligence capabilities for Visa. We have adopted an intelligence-driven defense and response to cyberattacks of consequence. We have enhanced several key functions including Database Activity Monitoring, File Integrity Monitoring, and Distributed Denial-of-service (DDoS) protection across all critical applications and implemented a Next-Generation Firewall Platform.
Enables cyber innovation by the rapid design, creation, and deployment of technologies and processes that will provide a level of confidence and protection to our stakeholders and partners.
Governance Risk and Compliance
Evolve and strengthen our dynamic risk and compliance framework to enable Visa and our partners’ to meet regulatory requirements and achieve business and strategic objectives. Drive achievement of Cybersecurity objectives through management of internal and external security risks, monitoring assurance against required remediation deadlines, support in internal and external compliance reviews internal assessments of cyber security risk posture, operational and executive reports to stakeholders.
- Must have a High School diploma or equivalent
- Pursuing a Masters degree in Cybersecurity, CS, Engineering, Networking, Information Systems, or related technical degree, graduating December 2020 or later.
- Maintain a 3.0 GPA or higher (4.0 scale)
Exposure and hands on experience in one of following areas, but not limited to:
- Supporting software development / QA specially web services, security tools etc.
- Tech skills: Burp Suite, IDA pro, APKTool, Hopper, HP Fortify, CheckMarx (Sast/Dast), Cycript, XPosed, Charles, dex2jar, Kali Linux, Wireshark or any mobile security and/or penetration testing tools or frameworks.
- SOAP / REST API, Web Services
- Development tools such as Maven, Jenkins and Git
Machine Learning - Security Engineering:
- Applying Machine Learning/Artificial Intelligence, data science, and statistics concepts including API integration, python, authentication, analysis, modeling, and visualization (python, sci-kit, numpy, matlab, algorithms)
- Statistical and machine learning models
- Exceptional coding skills and experience with high-level programming language like Scala, Python, Java for data analysis.
- Experience with tools for statistical computing (e.g. tensorflow, NumPy, SciPy).
Identity Access Management (IAM):
- Identity Management solutions like Oracle Identity Manager, Sailpoint or similar tools
- IAM products related to Authentication, provisioning, authorization, SSO, and/or enterprise security protocols like SAML, OpenID, OAuth and/or mobile development (iOS/Android)
- Security technologies including data encryption, intrusion detection/prevention, event correlation, secure application development, etc.
- Security controls provided in common platforms and applications in the corporate environment including Unix, Linux, Windows, IBM Mainframe (zTPF, MVS), Oracle, MS SQL Server Microsoft Outlook, J2EE and .NET applications, etc.
Platform System Admin:
- Linux and/or Windows
- Administering, troubleshooting, and optimizing WebLogic
- Code deployments into a Linux/WebLogic environment
- Encryption and key management security practices.
- Host Security Modules (HSM) administration practices and capabilities. (Desired)
- CISM or CISA, ITIL, CRISC.
Cyber Defense and Incident Response:
- Cyber Security Operations, Incident Response processes
- Python and/or PowerShell scripting, YARA, RegEx and PCRE
Governance Risk and Compliance:
- Current information security and compliance vendor landscape
- Control frameworks such as NIST-800-53, Center of Internet Security, ISO/IEC 27002
- Regulatory requirements in particular PCI-DSS, GLBA, FFIEC, SOX, GDPR
- This position requires the incumbent to be available during core business hours.
- This position requires the incumbent to travel for work less than 10% of the time.
- This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, and reach with hands and arms.
Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.