Cybersecurity Engineer

Company Description

Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid.

Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.

Job Description

Cybersecurity is at the beating heart of our culture. Our diligence and expertise is what makes us the undisputed leader in electronic payments. We’ve made it our priority to create a top-tier Cybersecurity team, poised to defend us against any potential cyber threats. We’re looking for those of you who are inherently driven and fascinated by the art and science of cybersecurity and more specifically, mergers and acquisitions with a specific focus on Cybersecurity integration. We’ll equip you with the very best tools and tech so that you can deliver top notch results. Continuous self-development underpins job fulfilment at Visa.

As a Cyber Security Engineer within the Cybersecurity M&A Team, you are uniquely placed to utilise and grow your engineering and defence skills across a myriad of security technologies. Your role will cover:

Cyber Engineering:

• Configure, deploy, and maintain security solutions and processes i.e. IDS, FIM, WAF, SASE, Firewalls, Web Proxies, vulnerability scanners.
• Configure, deploy, and maintain cloud security controls in Public Cloud.
• Develops advanced alerts/reports to meet the requirements of key stakeholders.
• Automate security tools management and workflow integration.
• Collaborate with other Cybersecurity and Engineering teams to address specific business needs.
• Develop SIEM correlation rules, enrichments, dashboards, reports, and alerts that appropriately characterize cyber-attacks and mitigations.
• IAM experience, Active Directory, SSO, MFA.
• Excellent understanding of common network and web protocols.
• Excellent understanding of DDoS techniques and mitigation mechanisms.

Cyber Defense and Incident Response: 

• Monitor Information Security alerts using Security Information and Event Management (SIEM) to triage, mitigate, and escalate issues as needed while capturing essential details and artifacts.
• Utilize sensor data and correlated logs containing AV, IDS, Windows events, Web Proxy, and similar data to establish context and rule out false positives.
• Mitigate and contain identified threats using approved incident response methodologies. Initiate escalation procedures and incident response processes as defined in operational plan.
• Perform analysis of security alerts to evaluate risk, determine containment action and identify required preventative measures.
• Ensure proper documentation of security incidents including attack details.
• Interact and aid other investigative teams within Visa on time sensitive, critical investigations.
• Provide feedback to peer teams to enhance security sensor and improve detection capability.
• Collaborate with operational support teams to ensure they are actively engaged in addressing potential security threats that can impact business.
• Contribute to projects that enhance the security posture of the enterprise.
• Operationalize actionable Threat Intelligence reports from internal and external sources.
• Identify trends, potential new technologies, and emerging threats which may impact the business.
• Respond to incoming reports of security incidents from the organization via calls and emails.

This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office 2-3 set days a week (determined by leadership/site), with a general guidepost of being in the office 50% or more of the time based on business needs.

Qualifications

• 2-3 years of work experience with a Bachelor’s Degree or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD)
• Cybersecurity related certification. i.e. CISSP, CEH, OSCP, GSEC, GCIH, GCIA, GCED, GCFA, CySA+
• Direct experience in handling cyber security incidents and associated incident response tools
• Demonstrated experience in an enterprise-level incident response team or security operations
• Strong working knowledge of common security tools such as SIEM, AV, WAF, IDS, Netflow, Packet Analyzers, and Endpoint Detection & Response tools
• Experience in operating and utilising Security Information and Event Management tools
• Strong knowledge of malware families and network attack vectors
• Solid understanding of TCP/IP and internetworking technology including packet analysis, routing, and network security defences
• Strong knowledge of operating systems, network services, and applications
• Knowledge of web application security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, and API attacks
• Good understanding of Web Application Security risks
• Knowledge of OWASP top 10 vulnerabilities and mitigation strategies.
• Excellent understanding of DDoS techniques and mitigation mechanisms
• Strong understanding of cloud technologies and related security best practices
• Experience with Enterprise scale multi-tenant Cloud/SaaS web environments
• Knowledge of PCI DSS, ISO27001, ISAE3402, and other regulatory frameworks
• Familiarity with DevSecOps CI/CD concepts, automation tooling, containerisation, and automation.
• AI and automation skills, including machine learning algorithms and frameworks, and AI models for cybersecurity applications
• Programming and scripting experience
• Display great problem-solving skills, with tenacity and resilience to resolve issues.
• Excellent communication and presentation skills with proven ability to present analytical data effectively to varied audiences
• Strong interpersonal and leadership skills to influence and build credibility as a peer

Additional Information

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.