Security Architect – Network & Infrastructure
- Bengaluru, Karnataka, India
As the world’s leader in digital payments technology, Visa’s mission is to connect the world through the most creative, reliable and secure payment network - enabling individuals, businesses, and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company’s dedication to innovation drives the rapid growth of connected commerce on any device, and fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce.
At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, and be part of an inclusive and diverse workplace. We are a global team of disruptors, trailblazers, innovators and risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, and doing meaningful work that brings financial literacy and digital commerce to millions of unbanked and underserved consumers.
You’re an Individual. We’re the team for you. Together, let’s transform the way the world pays.
Fascinated by the future and captivated by technology?
Smart, driven and want to make a difference in the world?
You’ll fit right in.
Join a diverse team at Visa, where your individuality fits right in. We can provide the opportunity to shape the payments experience globally. Together, let’s transform the way the world pays.
Think you know us?
Our mission is to connect the world through the most innovative, reliable and secure digital payment network that enables individuals, businesses and economies to thrive.
Individuality fuels our brand and our global team – we’re proud that we are a talented team of 15,000 individuals with unique backgrounds, perspectives and experiences. Therefore, we understand that you are much more than your day job. We encourage quality of life outside of the office, whether it’s taking advantage of agile work schedules or our wellness programs, Visa respects and encourages meaningful work/life balance for everyone.
So, if you’re not satisfied with the status quo, we can satisfy your desire to explore new territory, giving you the runway to really make an impact, whilst connecting you with teams around the world in a truly inclusive culture that celebrates our uniqueness.
If you think you could truly support the security of Visa as a Security Architect – Network & Infrastructure, we want to hear from you.
Security Architect – Network & Infrastructure
What’s it all about?
Cybersecurity is at the beating heart of our business. Our diligence and expertise is what makes us the undisputed leader in electronic payments. We’ve made it our priority to create a top-tier Security Architecture team, poised to defend us against any potential cyber threats.
We’re looking for those of you who are inherently driven and fascinated by the art and science of cyber defence. We’ll equip you with the very best tools and tech so that you can deliver top notch results.
Continuous self-development underpins job fulfilment at Visa. As a Security Architect, you’ll be enthused by working on a wide-range of enterprise and customer-facing projects, as well as the chance to work with top notch professionals to learn with and from.
What we expect of you, day to day
So what do we expect of you day to day? Here’s a bit of a heads up:
The Security Architect will work as a member of the Global Cybersecurity organization – Security Architecture team, which is focused on improving technology and architecture decision-making through collaboration with management, staff and customers on technology strategy, enterprise architecture, and investments in strategic security technology.
The individual, with a broad cybersecurity plus systems and network architecture knowledge and experience, will provide overall direction, lifecycle management and leadership for security architecture and technology. The individual will perform a lead role in various critical initiatives through the identification, analysis, evaluation, lifecycle management and adoption of security architectures and technologies. The Security Architect will work closely with other security functions and will provide guidance to ensure that there is coordination with their activities in technology choices. In addition, the Security Architect will be involved with education and mentorship, supporting the delivery framework, development of technical architecture documentation, and advanced topics research.
· Leading and contributing to the security posture of Visa’s networks and systems, data centre infrastructures, cloud architectures and solutions
· Developing, contributing and management of Security Architecture Specifications, Security Architecture Analysis, Threat-Modelling, Security Requirements, Security Standards and Design Patterns, Reference Architectures, Security Strategies and Roadmaps
· Applying security design principles to develop security solutions architectures
· Providing strategic points of view for security solutions
· Developing and/or carrying out the strategic direction of security projects to enable execution of the information security strategy
· Developing security solutions to enable execution of the long-term security architecture in the infrastructure security area
· Driving security technologies evaluations, proof-of-concepts, and production pilots
· Building strong cross-organizational relationships and effectively influencing staff across the IT organization and product groups
· Managing lifecycle of security technologies
· Working closely with the other technology architects to ensure that security is properly embedded in their technology domains architectures
· Assisting other architects in defining the variance processes and making variance decisions
· Evaluating and assessing risk as part of lifecycle management
· Staying current with security technologies and making recommendations for use based on business value
· Advising leadership on Cybersecurity issues, systems, processes, products, and services.
· Maintaining oversight of the design and implementation of IT systems to ensure appropriate and effective security controls are included.
· Contribute to the definition of overall IT architecture from a cybersecurity lens.
What we’re after…
· Moderate to significant Cybersecurity, engineering and design experience in Networks, Data Center Systems, and Cloud Infrastructure and Platforms (IaaS security, PaaS security)
· Good experience in threat-modelling of complex systems
· Experience in delivering comprehensive architecture specifications for complex infrastructure security solutions
· Experience with creating technical documentation: product documentation, technology and systems/network architecture, and technical whitepapers.
· Working experience with the following security technologies: Firewalls, Intrusion Detection/Prevention Systems, Vulnerability Scanning, WAF, Wireless LAN, NAC, DLP, DDoS Mitigation, WAN security, SIEM, Content Filtering, Cloud Security gateways, Secure Proxies, SSL crypto solutions
· Experience with open source security technologies
· Strong knowledge and working experience with SDN (Software-Defined Networking), NFV (Network Function Virtualization), and network virtualization/overlays; microsegmentation
· Strong hands on cloud architecture, with knowledge and working experience in: OpenStack, Cloud Foundry, Server Virtualization hypervisors (KVM, Xen, Hyper-V, VSphere), Linux Containers technologies (Docker, Mesos, Kubernetes), and distributed computing
· Strong expertise and experience with Linux and Linux security
· Programming/coding and DevOps experience is a plus (Python, Ansible, Chef)
· Solid understanding of and ability to speak to security principles in areas such as network, systems, virtualization, cloud technologies, access control.
· Proven ability to troubleshoot and resolve complex technical issues at Expert level.
· Experience integrating multiple vendor products
· Preferred certifications include: MCSE, CCNP, CCIE, CISSP, TOGAF
· Hands-on experience and strong understanding of technology and enterprise security
· Some experience with compliance, regulatory and legal requirements relevant to the payments processing industry such as PCI, SOX, Bank of England, and GDPR.
· Strong understanding of relevant Industry Principles, Best Practices, and Standards, such as PCI, NIST, ISO, IEEE, and TCG
· Strong cross-domain and cross-functional knowledge that will enable design of the best possible security technology solutions.
· Has good understanding of the SSDLC process and follows the process to effectively develop and design solutions.
· Ability to function as an individual contributor and mentor/leader detached from the corporate environment.
Think you have what it takes?
If you are interested in a career that will challenge and inspire you – we’d love to hear from you!
Diversity & Inclusion
Universal acceptance for everyone, everywhere, is not only our brand promise, it’s the foundation of our company culture. We foster a feeling of connectedness in the workplace, support diversity of thought, culture and background, fight for important initiatives like Equal Pay and actively work to eliminate unconscious biases that hold us all back.
By leveraging the diverse backgrounds and perspectives of our worldwide teams, Visa is a better place to work and a better business partner to our clients.
- 4 years of work experience with a Bachelor’s Degree or at least 2 years of work experience with an Advanced degree (e.g. Masters, MBA, JD, MD) or 0 years of work experience with a PhD degree
- 7-10 years of work experience and a Bachelor’s Degree or 6 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 3 years of experience with a PhD.
- You will have significant progressive experience in building secure applications preferably payment platforms, systems that can withstand all types of threats from various threat agents.
- You will have a deep understanding of current compliance, regulatory and legal requirements relevant to the transaction processing industry such as PCI, HIPPA, SOX, and GLB.
- Knowledge of administrative, physical and technical controls that could be built around networks, systems and applications to secure them.
- A proven record of accomplishment in designing security controls for complex web applications with backend services expertise such as API Gateway, Identity and Access Management Services, Data Protection technologies, Security Information Event Management etc.
- Strong knowledge of deep design review and Secure Development Lifecycle methodologies, Agile based methodologies, middleware platforms, development platforms (Java, C, C++, .NET etc.)
- An individual with experience of working on large scale cloud based services (including SaaS, PaaS, IaaS) and very understanding of security challenges involve in deploying Cloud Applications
- Knowledge of Software development in either of C/Objective-C/C++/Swift/Java
- Technical experience with security technologies including, but not limited to, intrusion detection/prevention, event correlation, firewall, antivirus, anti-spam, policy enforcement, patch/configuration management, usage monitoring, audit, secure application development, etc.
- Incumbent must make themselves available during core business hours
- This position requires the incumbent to travel for work 0-5% of the time
This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds
Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law