Senior Information Security Analyst
- Bengaluru, Karnataka, India
Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind – making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the common purpose that unites the entire Visa team. As a global payments technology company, tech is at the heart of what we do: Our VisaNet network processes over 13,000 transactions per second for people and businesses around the world, enabling them to use digital currency instead of cash and checks. We are also global advocates for financial inclusion, working with partners around the world to help those who lack access to financial services join the global economy.
Visa’s sponsorships, including the Olympics and FIFA™ World Cup, celebrate teamwork, diversity, and excellence throughout the world. If you have a passion to make a difference in the lives of people around the world, Visa offers an uncommon opportunity to build a strong, thriving career. Visa is fueled by our team of talented employees who continuously raise the bar on delivering the
convenience and security of digital currency to people all over the world. Join ur team and find out how Visa is everywhere you want to be.
“Visa will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of Article 49 of the San Francisco Police Code.”
This hands-on position will serve as part of Visa's Cybersecurity Third Party (3P) technology Risk Management team, providing oversight, coordination, and delivering the activities supporting successful risk management activities around third parties for VISA. Members of this team work across a number of stakeholders who work with third parties to ensure appropriate processes, procedures and controls are adequately designed, implemented or remediated to meet VISA Key control requirements and mitigate any risks that are associated to with third parties. The success of this unit requires dedicated professionals who possess the analytical, feasibility, relationship and executive summary skills needed to form highly reliable risk management strategies to meet various Visa Inc. requirements along with compliance and regulatory requirements
Bachelor degree in Computer Science, Information Systems, Management Information Systems, or Business Administration or other related field. (Master degree is preferred.) Significant and relevant technical experience meeting the job description may be substituted for degree requirements.
Must have 6+ years of work experience including leadership roles in Cybersecurity, Audit, Risk, and/or Compliance. Open to experience in other relevant fields (e.g., finance, business administration, information technology, etc.) as long as candidate can demonstrate relevancy to this Cybersecurity based role.
Pro-actively research and Identify network and system vulnerabilities and provide recommended counter measures or mitigating controls to reduce risk to an acceptable and manageable level
Provide accurate and timely reporting of findings and proposed remediation and mitigations
Must have 6+ years direct participation and experience across common industry security policy areas, including, but not limited to ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE16, and others
Must have 6+ years audit and risk management experience that includes a broad understanding of the software delivery process, professional services consulting and/or program management.
Must have 6+ years of experience providing information security or information technology consulting services to a broad range of companies and/or federal and state agencies.
Must have 6+ years of progressively responsible management experience in the following areas: planning, budget/forecast/financial management, and staffing
Solid understanding of Enterprise Risk Management and Strategy frameworks as well as understanding of current enterprise threat scenario as related to financial industry
Demonstrated ability to manage implementations of large-scale, complex, multi-disciplined, cross-functional and highly visible projects/programs.
In depth knowledge of:
- Current information security and compliance vendor landscape
- Control frameworks such as COSO
- Strong understanding of regulations/standards in particular PCI-DSS, GLBA, FFIEC
- Ability to direct and lead cross-functional, cross-vendor teams
- Must be experienced in Project Management Methodologies and experienced in mentoring less experienced project personnel
- Certified Information Security Auditor/Manager (CISA/M) designation or CISSP
- Excellent communicator with strong client relationship focus with business sponsors, enterprise architects, and information security engineers to articulate business case and technology options
- Practical experience managing multiple large-scale compliance/audit projects simultaneously, strong internal consulting, customer account management, and defining engagement scope, negotiating commitments, gathering requirements, defining deliverables, designing integrated solutions, and overseeing technical implementations considered a plus
- Proven experience proposing enterprise level solutions to mitigate risk
1. Specialization in information security, cyber security or risk management as part of the Bachelor’s degree
2. Professional experience in audit, information security or information technology consulting or risk management
3. Basic information security certification
4. Basic understanding of information security related tools such as SIEM, IPS, Firewalls and DLP tools
5. Big Four Consulting experience (E&Y, PwC, Deloitte or KPMG)