Cybersecurity Engineer

The role will work as a member of the Global Cybersecurity organisation - Security Architecture team, which is focused on improving technology and architecture decision-making through collaboration with management, staff and customers on technology strategy, enterprise architecture, and investments in strategic security technology.

The individual, with a broad cybersecurity plus systems and network architecture knowledge and experience, will deliver security assessments while supporting our direction, lifecycle management and leadership for security architecture and technology. The individual will perform a key role in Security assessments while supporting various critical initiatives through the identification, analysis, evaluation, lifecycle management and adoption of security architectures and technologies. The Security Architect will work closely with other security functions and will provide guidance to ensure that there is coordination with their activities in technology choices. In addition, the Security Architect will be involved with education and mentorship, supporting the delivery framework, development of technical architecture and associated documentation, as well as advanced topics of research.

Essential Functions:

• Be a product security champion by driving Security Architecture and Design, implementation and optimization for Web, API and Mobile backend applications across Visa.

• Applying security design principles to develop security solutions architectures

• Engage in the initial requirements definition including analysis of threats and risks and alignment with Visa security, Engineering, IT and Architecture standards.

• Conduct and facilitate security reviews, threat modelling including deep design reviews throughout the development lifecycle.

• Facilitate 'table-top'/red-team/scenario analysis exercises in conjunction with other SMEs. Plan the resolution of any identified vulnerabilities/issues.

• You’ll be working on enabling/building security controls which protect the applications from attacks on various platforms and technologies, like:

  • Linux, Windows, VMWare, Openstack, SDN, Public cloud like AWS, Google

  • Cybersecurity tools like IDS, SIEM, Tripwire, Tanium, Netwitness, Netflow, WAF

  • HSMs, Tokenization systems, data encryption solutions from Safenet, Vormetric etc

  • Web technologies like HTTP, SOAP, REST services, AJAX

  • Databases like Oracle, MS SQL, Redis, Cassandra

  • Programming languages like Java, C, C++, .Net, Javascript, GoLang, ErLang, etc

  • Caching services like Hazelcast, Coherence, and messaging systems like Kafka, MQ

  • Web Access Management solutions like Forgerock, Siteminder, Custom/in-house Security Frameworks

• Help business and product team to achieve various compliance certifications like PCI, FFIEC  etc.

• Identify and analyse system and application level vulnerabilities to provide recommended counter measures or mitigating controls that reduce risk to an acceptable and manageable level.

• Driving security technologies evaluations, proof-of-concepts, and production pilots

• Building strong cross-organisational relationship through integration with the teams, in order to effectively influencing staff across the IT organisation and product groups

• Managing the lifecycle of security technologies

• Staying current with security technologies, as well as development techniques and methodologies in order to make recommendations for use based on business value

• Maintaining oversight of the design and implementation of IT systems to ensure appropriate and effective security controls are included.

• Contribute to the definition of overall IT architecture from a cybersecurity lens.

This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office 2-3 set days a week (determined by leadership/site), with a general guidepost of being in the office 50% or more of the time based on business needs.

Basic Qualifications:
• 2+ years of relevant work experience and a Bachelor’s degree, OR 5+ years of relevant work experience

Preferred Qualifications:
• 3 or more years of work experience with a Bachelor’s Degree or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD)
• Significant Cybersecurity, Architecture and Design experience in Networks, Data Centre Systems, and Cloud Infrastructure and Platforms (IaaS security, PaaS security)
• Strong experience in threat-modelling of complex systems
• Comprehensive Cybersecurity consulting and security assessment experience in a relevant industry
• Experience in delivering comprehensive architecture specifications for complex security solutions
• Experience with creating or contributing to technical documentation: product documentation, technology and systems/network architecture, and or technical whitepapers.
• Strong working experience with the following security technologies: Firewalls, Intrusion Detection/Prevention Systems, Vulnerability Scanning, WAF, Wireless LAN, NAC, DLP, DDoS Mitigation, WAN security, SIEM, Content Filtering, Cloud Security gateways, Secure Proxies, SSL crypto solutions
• Experience with open source based security technologies
• Strong knowledge and working experience with SDN (Software-Defined Networking), NFV (Network Function Virtualization), and network virtualization/overlays
• Strong hands on cloud architecture, with knowledge and working experience in: OpenStack, Cloud Foundry, Server Virtualization hypervisors (KVM, Xen, Hyper-V, VSphere), Linux Containers technologies (Docker, Mesos, Kubernetes), and distributed computing
• Programming/coding and DevOps experience is a plus (Python, Ansible, Chef)
• Solid understanding of and ability to speak authoritatively to security principles in areas such as network, systems, virtualization, cloud technologies, access control.
• Proven ability to troubleshoot and resolve complex technical issues at Expert level
• Experience integrating multiple vendor products
• Preferred certifications include: CISSP, OpenStack Certification, TOGAF, SABSA
• Hands-on experience and strong understanding of technology and enterprise security
• Strong understanding of relevant Industry Principles, Best Practices, and Standards, such as PCI, NIST, ISO, IEEE, and TCG
• Experience working in a global organisation with the need to deliver regional requirements
• Strong cross-domain and cross-functional knowledge that will enable design of the best possible security technology solutions.
• Has solid understanding of the SSDLC process and follows the process to effectively develop and design solutions.
• Skilled to liaise with and influence multiple stakeholders in a matrix environment
• Ability to function as an individual contributor and mentor/leader detached from the corporate environment

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.