Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Cybersecurity Engineer

V

Visa

Cybersecurity Engineer

Austin, TX
Full Time
Paid
Similar Jobs
  • Responsibilities

    Job Description

    Visa's Cyber Security team is looking for a Cybersecurity engineer with expertise in Application Security domain, who will be responsible to define consistent Secure Software Development Lifecycle practices for all Visa technology projects throughout the planning and delivery cycles that assure that application security vulnerabilities are mitigate. Very strong application security and web application development experience and team leadership skills are a must. In this position, you are a passionate and talented application security engineer with very deep understanding of OWASP, CWE 25, Data Protection, Access management software vulnerabilities and best practices design and threat modeling skills who can work in a dynamic environment. You must be dedicated to able to work with developers in producing secure code in short time frames and be willing to go beyond the standard routine.

    ESSENTIAL FUNCTIONS

    • Be a product security champion by driving Security Architecture and Design, implementation and optimization for Web, API and Mobile backend applications across Visa.
    • Engage in the initial requirements definition including analysis of threats and risks and alignment with Visa security, Engineering, IT and Architecture standards.
    • Conduct and facilitate security reviews, threat modelling including deep design reviews throughout the development lifecycle.
    • Facilitate "table-top"/red-team/scenario analysis exercises in conjunction with other SME's; and plan the resolution of any identified vulnerabilities/issues.
    • You’ll be working on enabling/building security controls which protect the applications from attacks on various platforms and technologies, like:
      • Linux, Windows, VMWare, Openstack, SDN, Public cloud like AWS, Google
      • Web technologies like HTTP, SOAP, REST services, AJAX
      • Databases like Oracle, MS SQL, MySQL, Redis, Cassandra
      • Programming languages like Java, C, C++, .Net, Swift, Javascript, GoLang, etc
      • Caching services like Hazelcast, Coherence, and messaging systems like Kafka, MQ
      • Web Access Management solutions like Forgerock, Siteminder, Custom/in-house Security Frameworks
      • Cybersecurity tools like IDS, SIEM, Tripwire, Tanium, Netwitness, Netflow, WAF
      • HSMs, Tokenization systems, data encryption solutions from Safenet, Vormetric etc
    • Automate security tools and processes ensuring innovation and advancement strategies that keep pace in the areas of access control, security-in-depth, secure transaction processing, secure coding practices for web and mobile applications.
    • Help business and product team to achieve various compliance certifications like PCI, FFIEC etc.
    • Identify and analyse system and application level vulnerabilities to provide recommended counter measures or mitigating controls that reduce risk to an acceptable and manageable level.
  • Qualifications

    Qualifications

    BASIC QUALIFICATIONS

    • 2 years of work experience with a Bachelor’s Degree or an Advanced Degree (e.g. Masters, MBA, JD, MD, or PhD)

    PREFERRED QUALIFICATIONS

    • 4-5 years of experience with Bachelor's degree or 2-3 years of experience with Master's degree in Computer Science
    • 2-3 Years of Experience in Web Application Security, SSDLC and Threat Modelling with MS/BS degree in Information System management / Computer Science / Information Security or a related technical discipline, at least 2 years of Software Development experience
    • Excellent knowledge on Web Application Security, Threat Modelling and OWASP.
    • Strong knowledge of deep design review and Secure Development Lifecycle methodologies, Agile based methodologies, middleware platforms, development platforms (Java, C, C++, .NET etc.).
    • Strong knowledge of data protection concepts and cryptographic fundamentals, encryption algorithms
    • Experienced hands on SW development in C/Objective-C/C++/Swift/Java/.Net/JavaScript/GoLang
    • Technical experience with security technologies including, but not limited to, intrusion detection/prevention, event correlation, firewall, antivirus, anti-spam, policy enforcement, patch/configuration management, usage monitoring, audit, secure application development, etc.

    Additional Information

    WORK HOURS

    This position requires the incumbent to be available during core business hours

    TRAVEL REQUIREMENTS

    This position requires the incumbent to travel for work 0-5% of the time

    PHYSICAL REQUIREMENTS

    This position will be performed in an office setting.  The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds.

    Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

  • Industry
    Financial Services