Cybersecurity Engineer - Cloud Security Automation
- Foster City, CA, USA
Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind – making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the common purpose that unites the entire Visa team. As a global payments technology company, tech is at the heart of what we do: Our VisaNet network processes over 13,000 transactions per second for people and businesses around the world, enabling them to use digital currency instead of cash and checks. We are also global advocates for financial inclusion, working with partners around the world to help those who lack access to financial services join the global economy. Visa’s sponsorships, including the Olympics and FIFA™ World Cup, celebrate teamwork, diversity, and excellence throughout the world. If you have a passion to make a difference in the lives of people around the world, Visa offers an uncommon opportunity to build a strong, thriving career. Visa is fueled by our team of talented employees who continuously raise the bar on delivering the convenience and security of digital currency to people all over the world. Join our team and find out how Visa is everywhere you want to be.
This position is for a Cybersecurity Engineer – Cloud Security Automation in the Cybersecurity team who will focus on developing security automation platform for public cloud.
Visa's Cybersecurity Architecture & Engineering team collaborates with product development teams globally, and other teams within Cybersecurity organization on security engineering, building and maintaining the most innovative, reliable, secure and cost-effective security solutions to protect VISA growing customers’ growing needs.
You will be part of a friendly team of top notch security engineers and security architects who lead Visa's hybrid cloud global strategy, cloud engineering and automation, private and public cloud integration architecture and application security automation end to end. As part of this team, you will have total ownership as a security automation engineer to build security as DNA into our core services with automation and resilience to protect our global customers and business partners from hackers.
The ideal candidate should be technology savvy with deep knowledge of cybersecurity, web application security, OWASP, networks, cryptography, as well as public cloud security (AWS/Azure/Google Cloud), Kubernetes, Microservices, Terraform, Python, Ansible and CI/CD process. This person will be working majority of the time coding in Java, Golang, Python, and Ansible on automating infrastructure security tasks.
You'll need to have excellent communication and cross-group collaboration skills, be able to make forward progress despite ambiguous circumstances, be a self-starter, a quick learner of new technologies and have experience in product security such as secure application design, static code analysis and web application vulnerabilities. You will be a critical part of the core security engineering team for a high-performance product security automation framework development.
· 2 years of work experience with a Bachelor’s Degree or an Advanced Degree (e.g. Masters, MBA, JD, MD, or PhD)
· Engineering experience working on public cloud (AWS, Azure, Google Cloud) infrastructure and/or security automation - design, development, integration, customization & implementation
· Experience or knowledge on web application security, OWASP, container security, network security, and OS
· Experience with developing microservice-based HTTP applications and servers
· Able to understand the security tools and best practices: CIS Benchmarking, OS hardening, vulnerability scanning, system auditing
· Experience in automating system tasks and infrastructure using a scripting language (Golang, and Python must have), with configuration management tools (Ansible), service registry and discovery tools (Consul and Vault, etcd), infrastructure orchestration tools (Ansible, and Terraform), and automated imaging tools (Packer)
· Experience in automating at least one public cloud deployments (AWS, Azure, Google Cloud) using Terraform or Ansible with deployment pipeline
· Ability to develop and debug automation scripts in json, yaml or bash
· Ability to write technical specs for cloud security automation workflow
· Deep understanding of the Software Development Life Cycle including Continuous Integration and Continuous Deployment (CI/CD) pipeline architecture (Jenkins, GitLab, Drone) including deployments into Kubernetes environments using tools such as Flux or Keel.
· Good to have networking experience both within Linux and with Cisco or Juniper network routers and switches
· Strong analytical skills, able to work independently to solve complex engineering problems. Make independent judgments/decisions within established guideline
· Communicate well with others both verbally and in writing and be able to effectively interact with peers, management and other outside contacts
· The ability to gather and understand business requirements, translate them into technical/operational requirements
· High degree of initiative and sense of urgency, comfortable with ambiguity as needs change on a regular basis
· Self-confident, commands technical authority and respect at all levels
· Desire to be part of an incredible team. That means being someone the team can count on, who communicates honestly and respects others and their views, who adapts quickly to changing priorities, drives positive change, and is committed to giving 100%
§ Essential Functions
- Design and implement agile innovative cloud security automation solutions/infrastructure management solutions that take advantage of technology advances that allow cost reduction, standardization and commodification
- Design, implement and integrate management solutions to effective manage private/hybrid cloud implementation(Openstack, Docker, Kubernetes, AWS and/or Azure) with a strong focus on security automation
- Identify, evaluate, select and engineer highly reliable container scheduling and orchestration solutions that are extremely secure enabling Operations to manage environments simply and effectively, ensure on time, on budget, and quality delivery of shared container platform
- Collaborate with the team to evolve the containerization security ecosystem, establish and mature standards and integration for infrastructure management domains - logging, monitoring, configuration management and orchestration. Identify and implement standard toolsets to reduce complexity and support operational goals for increasing automation across the enterprise
- Champion the adoption of open infrastructure management solutions that are fit for purpose yet forward the Visa goals to keep technology relevant
- Evangelize the cloud and container security management platform standards and capabilities, gain insights of the workflows of Product Development, Engineering and Operations teams, ensure platform relevance and drive adoption, enable the application transformation from monolithic to microservices
§ Physical Requirements
This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds.
The Incumbent is required to make themselves available during core business hours.
This position may require the incumbent to travel for work up to 10% of the time.
Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.