Cybersecurity Analyst - Cyber Defense (SOC)

  • Full-time
  • Job Family Group: Technology and Operations

Company Description

As the world's leader in digital payments technology, Visa's mission is to connect the world through the most creative, reliable and secure payment network - enabling individuals, businesses, and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company's dedication to innovation drives the rapid growth of connected commerce on any device, and fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce.

At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, and be part of an inclusive and diverse workplace. We are a global team of disruptors, trailblazers, innovators and risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, and doing meaningful work that brings financial literacy and digital commerce to millions of unbanked and underserved consumers.

You're an Individual. We're the team for you. Together, let's transform the way the world pays.

Job Description

Position Summary

Cybersecurity is an integral part of Visa’s corporate culture. It is essential to maintaining our position as an industry leader in electronic payments, which is why Visa has made it a priority to create top-tier security operations and incident response teams to defend the company against evolving cyber threats. If you would like to join a company where security is truly valued, where you can work with like-minded peers who are passionate about the art & science of cyber defense, and where you can use state-of-the-art tools for maximum impact, then we have a home for you.

The successful candidate will join a team of cybersecurity analysts in the new Shanghai Security Operations Center. These analysts are the primary cyber defenders on the frontline protecting Visa networks and systems in China. The team is part of a larger, global cybersecurity organization, located across multiple geographic sites, that is responsible for the comprehensive cyber defense of Visa and its subsidiaries.

Responsibilities

•       Identify cybersecurity threats and perform analysis of reported anomalies on Visa networks and systems.

•       Mitigate and contain identified threats using approved methodologies when detected.  Initiate escalation procedures and incident response processes as defined in operational plans.

•       Monitor information security alerts through the use of a Security Information and Event Manager (SIEM) to triage, mitigate, and escalate issues as needed while capturing essential details and artifacts.

•       Utilize sensor data and correlated logs containing IDS/IPS, AV, Windows events, web proxy, and similar data to establish context and to rule out false positives.

•       Operationalize actionable intelligence reports from the Threat Intelligence team and external sources.

•       Coordinate the initial workflow and response for varying case types with internal and external teams.

•       Collaborate with operational support staff to ensure they are actively engaged in potential security threats and concerns.

This position is staffed in shifts supporting a 24x7x365 regional security operations center.  Analysts work a series of 12-hour shifts (followed by days off) in the daytime and operations are transitioned to another operational shift at night.  Staff assigned to the operations center are considered critical and may need to cover holidays and weekends, if scheduled. There are opportunities for overtime while working extra shifts to ensure operational coverage when needed.

Qualifications

Basic Qualifications:

  • 2 years of work experience with a Bachelor’s Degree or an Advanced Degree (e.g. Masters, MBA, JD, MD, or PhD)

Preferred Qualifications:

  • 3 or more years of work experience or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD)
  • A bachelor’s degree in a technical discipline or a professional certification (e.g. CISSP) is preferred, but is not required.
  • A minimum of 3 to 5 years of work experience supporting technical or support operations.  Previous security operations center (SOC) experience is preferred.
  • Strong analytical skills and an ability to quickly learn and adapt to new technologies.
  • Experience operating and administrating Security Information and Event Management (SIEM) platforms.
  • Possess functional knowledge and administrative experience on Windows and Unix/Linux Platforms.
  • A solid foundational understanding of TCP/IP and networks to include firewalls, routers, and ACLs.
  • Strong working knowledge of malware in its varying forms, common delivery mechanisms, and common mitigation steps.
  • Ability to convey security concepts related to cybersecurity events to both technical and non-technical audiences.
  • Experience with IDS/IPS, Splunk, FireEye, and similar technologies is desired.
  • Ability to communicate technical matters in written and spoken English & Mandarin Chinese.

Additional Information

Work Hours: This position requires the incumbent to be available during core business hours.

Travel Requirements: This position requires the incumbent to travel for work less than 10% of the time.

Mental/Physical Requirements: This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
