Director Cyber Security Engineering (Detection Engg)
- Bengaluru, India
Common Purpose, Uncommon Opportunity. Everyone at Visa works with one goal in mind – making sure that Visa is the best way to pay and be paid, for everyone everywhere. This is our global vision and the common purpose that unites the entire Visa team. As a global payments technology company, tech is at the heart of what we do. CyberSource, a Visa company, has been and continues to be a pioneer within the e-Commerce Payment Management world. Our VisaNet network is capable of handling over 65,000 transaction messages per second for people and businesses around the world, enabling them to use digital currency instead of cash and checks.
We are also global advocates for financial inclusion, working with partners around the world to help those who lack access to financial services join the global economy. Visa’s sponsorships, including the Olympics and FIFA™ World Cup, celebrate teamwork, diversity, and excellence throughout the world. If you have a passion to make a difference in the lives of people around the world, Visa offers an uncommon opportunity to build a strong, thriving career. Visa is fueled by our team of talented employees who continuously raise the bar on delivering the convenience and security of digital currency to people all over the world. Join our team and find out how Visa is everywhere you want to be.
Cybersecurity is an integral part of Visa’s corporate culture. It is important to maintaining our position as an industry leader in electronic payments. At Visa, we believe that it is the responsibility of each and every employee to safeguard information, protect it from unathorized access, and ensure regulatory compliance. Cybersecurity has a significant effect on privacy, consumer confidence, external reputation, and it is a priority on everyone’s agenda.
You're an Individual. We're the team for you. Together, let's transform the way the world pays.
Cyber Security is an integral part of Visa’s corporate culture. It is important to maintaining our position as an industry leader in electronic payments. At Visa, we believe that it is the responsibility of each and every employee to safeguard information, protect it from unauthorized access, and ensure regulatory compliance. Cyber Security has a significant effect on privacy, consumer confidence, external reputation, and it is a priority on everyone’s agenda.
In this critical leadership role, you will take a lead role in the continued innovation of Visa’s Cyber Security strategy and drive Visa’s competitive advantage in payments by facilitating a best in class security infrastructure. You will be responsible for leading a premier engineering team that develops, operates and supports a heterogeneous security infrastructure on a global scale. You will build and lead the Cyber Security Engineering program and lead a team of high performing engineers, analysts and data scientists. By working with other groups such as Global Network Engineering, Operations, Data Science and Application Development organizations, you will perform the role of a strategic thinker and have the operational gravitas to run one of the best technical functions in the company. In this role, you will also work with Visa’s executive committee members
• Instill a culture that works toward the highest standards in security engineering while ensuring that business requirements are understood and adhered to and security risks in new and existing infrastructure are properly understood and mitigated.
• Provide leadership and direction in the innovation of bleeding-edge security technologies and utilizing a risk-based approach to properly test and introduce them into the overall environment.
• Be passionate in the pursuit of securing Visa’s data and critical assets
• Recruit, develop, and retain a talented group of technology professionals for this core security engineering function.
• Collaborate with colleagues in technology departments as well as the business and product offices to establish effective, productive business relationships.
- Bachelor’s degree in engineering, computer science, information security, or information systems from Tire-I University / College .
- Must have , atleast 13+ years of total experience in the field of cyber security .
- Must have , atleast 5+ years of experience and hands-on expertise on either of one : Web Application Firewall (WAF) , Database Access Management (DAM) , SIEM
- Good to have , atleast 5+ on penetration testing, security infrastructure tuning / deployment .
- At least 5+ years of leadership role, which includes managing security experts, mentoring , meeting business goals as leader .
- Experience delivering large scale, highly available security solutions
- Dynamic leader who has directly managed team of highly competent developers in fast paced work environment
- Strong business and technical vision
- Ability to handle multiple competing priorities in a fast-paced environment
- Experience demonstrating strong leadership, self-motivation and accountability
- Experience on leading complex projects cross-functionally and globally
- Financial services and card payments experience is a plus
- Excellent communication skills and Excellent team player
- Relevant certification such as CISSP, SANS GPEN, SANS GXPN, SANS GIAC, SANS GREM, Splunk Certification etc.
- OSCP (Offensive Security Certified Professional ) is a Plus
- Lead a team of security engineering professionals responsible for planning, design, implementation, attack mitigation and ongoing support of security systems of high complexity to fulfill the business needs
- Provide technical deep understanding of security systems at different layers. Such as network , cloud, endpoint ,advance malware defense , data security etc
- Work closely with security experts. Guide and mentor them on day to day working .
- Work with all interfacing teams to define and baseline the system uptime SLAs.
- Work with other Cyber Security teams to effectively and efficiently manage endpoint protections. In doing so work closely with research team, undertake research of threat vectors and provide mitigation strategies.
- Work with stakeholders, mentoring and providing technological guidance on network security.
- Manage staff, including selection, goal setting, annual reviews, and compensation planning and career development.
- Provide recommendations to management team to increase effectiveness of organization and technology solutions.
- Develop and nurture team of security team by motivating and mentoring, and assist in hiring critical talent.
- Effectively manage cross-functional internal and external team collaboration, and communications.
- Prioritization, planning of projects and features, stakeholder management and tracking of external commitments
- Respond to and assist with due diligence and internal / external security audit requests.
- Represent Visa at international information security and cyber security communities globally.
- Supports, implements and promotes standard configuration and change management, processes and practices
- Identify opportunities for further enhancements and refinements to security standards and processes.
WAF Security (Must have):
- Engineers, configures, deploys, and maintains Web Application Firewall solutions
- Develops advanced scripts for manipulation of multiple data repositories to support analyst requirements
- Develops advanced alerts/reports to meet the requirements of key stakeholders
- Develops automation for security tools management and workflow integration
- Creates WAF rules to mitigate threats and implements best practices
Database Security (Must have):
- Experience with Imperva and/or IBM Guardium database activity monitoring solutions
- Experience in database security and administration (Oracle, MySQL/SQL, DB2)
- Experience working with Big Data platforms/non-relational databases
- Experience working with Hadoop, Mongo, Cassandra and other NoSQL DBs
- Experience developing Data Analytics/Anomaly detection algorithms
Application Logging (Must have):
- Expertise in Log aggregation, Correlation and alerting using commercial and Opensource tools
- Experience in administration of commercial and Opensource SIEM solutions
- Experience with Splunk, QRadar, Sumologic, ELK, SyslogNG, Kafka, Fluentd
Development Experience ( Plus):
- Expert Python Scripting, Perl, Shell scripting and SecDevOps/automation
- Excellent experience with Regular Expressions
Application Security ( Plus):
- Knowledge of SSDLC processes
- Required knowledge of open source and commercial application security tools and frameworks, including but not limited to Kali Web application testing tools
- Excellent understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms
- Experience with Web Application Firewall management and rules
- Well versed in system exploits (e.g. Buffer Overflows, PTH attacks, windows authentication framework etc.)
- Excellent understanding of common network and web protocols
- Excellent understanding of DDoS techniques and mitigation mechanism
Cyber Defense and Incident Response (Plus):
- Solid understanding of events, related fields in log records and alerts reported by various data sources such as Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies
- Prior experience in Security Operations and Incident Response
- Excellent understanding of Cyber Security Operations, Incident Response processes
Think you have what it takes?
If you are interested in a career that will challenge and inspire you – we’d love to hear from you!
Diversity & Inclusion
Universal acceptance for everyone, everywhere, is not only our brand promise, it’s the foundation of our company culture. We foster a feeling of connectedness in the workplace, support diversity of thought, culture and background, fight for important initiatives like Equal Pay and actively work to eliminate unconscious biases that hold us all back.
By leveraging the diverse backgrounds and perspectives of our worldwide teams, Visa is a better place to work and a better business partner to our clients.
All your information will be kept confidential according to EEO guidelines.
Back to top