As the world's leader in digital payments technology, Visa's mission is to connect the world through the most creative, reliable and secure payment network - enabling individuals, businesses, and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company's dedication to innovation drives the rapid growth of connected commerce on any device, and fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce.

At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, and be part of an inclusive and diverse workplace. We are a global team of disruptors, trailblazers, innovators and risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, and doing meaningful work that brings financial literacy and digital commerce to millions of unbanked and underserved consumers.

You're an Individual. We're the team for you. Together, let's transform the way the world pays.

Cybersecurity is an integral part of Visa’s corporate culture. It is essential to maintaining our position as an industry leader in electronic payments, and it is the responsibility of each and every employee to safeguard information, protect it from unauthorized access, and ensure regulatory compliance. Information Security has a significant effect on privacy, consumer confidence, external reputation, and it is a priority on everyone’s agenda.

The successful candidate will join the Visa Global Cybersecurity organization and lead a team of cybersecurity analysts in the new Shanghai Security Operations Center.  These analysts are the primary cyber defenders on the frontline protecting Visa networks and systems in China.  The team is part of a larger, global cybersecurity organization located across multiple geographic sites that is responsible for the comprehensive cyber defense of Visa and its subsidiaries.

This position will be based in Shanghai, China.

Responsibilities 

•         Lead a 24x7x365 China Security Operation Center (SOC) operation and seamlessly work with global SOCs to ensure effective Level 1 & 2 analyst operations supporting China business operations.

•         Identify cybersecurity threats and perform analysis of reported anomalies on Visa networks and systems.

•         Mitigate and contain identified threats using approved methodologies when detected.  Initiate escalation procedures and incident response processes as defined in operational plans.

•         Oversee the monitoring of information security alerts though the use of a Security Information and Event Manager (SIEM) to triage, mitigate, and escalate issues as needed while capturing essential details and artifacts.

•         Utilize sensor data and correlated logs containing IDS/IPS, AV, Windows events, web proxy, and similar data to establish context and to rule-out false positives.

•         Operationalize actionable intelligence reports from the Threat Intelligence team and external sources.

•         Coordinate the initial workflow and response for varying case types with internal and external teams.

•         Collaborate with operational support staff to ensure they are actively engaged in potential security threats and concerns.

•         This position leads the SOC team staffs who work in shifts supporting a 24x7x365 regional security operations center.  Analysts work a series of 12-hour shifts (followed by days off) in the daytime and operations are transitioned to another operational shift at night.  Staff assigned to the operations center are considered critical and may need to cover holidays and weekends, if scheduled. There are opportunities for overtime while working extra shifts to ensure operational coverage when needed.

Secondary Responsibilities:

 •         Provide feedback to peer teams to enhance the sensor set and improve detection  signature fidelity.

•         Contribute to projects that enhance the security posture of the enterprise.

•         Identify trends, potential new technologies, and emerging threats which may impact the business.

•         Provide technical advice and input for the support of integrated security systems and solutions.

• 4 years of work experience with a Bachelor’s Degree or at least 2 years of work experience with an Advanced degree (e.g. Masters, MBA, JD, MD) or 0 years of work experience with a PhD degree

Preferred Qualifications:

• 7-10 years of work experience and a Bachelor’s Degree or 6 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 3 years of experience with a PhD

• Previous security operations center (SOC) experience is preferred.

• Strong analytical skills and an ability to quickly learn and adapt to new technologies.

• Experience operating and administrating Security Information and Event Management (SIEM) platforms.

• Possess functional knowledge and administrative experience on Windows and Unix/Linux Platforms.

• A solid foundational understanding of TCP/IP and networks to include firewalls, routers, and ACLs.

• Strong working knowledge of malware in its varying forms, common delivery mechanisms, and common mitigation steps.

• Ability to convey security concepts related cybersecurity events to both technical and non-technical audiences.

• Experience with IDS/IPS, Splunk, FireEye, and similar technologies is desired.

• A bachelor’s degree in a technical discipline or a professional certification (e.g. CISSP) is preferred, but is not required.

• Strong capabilities to communicate technical matters in written and spoken English as well as Mandarin Chinese with various stakeholders

• Strong leadership and ownership

   

Work Hours This position requires the incumbent to be available during core business hours.

Travel Requirements This position requires the incumbent to travel for work less than 10% of the time.

Mental/Physical Requirements This position will be performed in an office setting.  The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.