Senior Application Security Engineer
Company Description
Visa is a world leader in payments technology, facilitating transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories, dedicated to uplifting everyone, everywhere by being the best way to pay and be paid.
At Visa, you'll have the opportunity to create impact at scale — tackling meaningful challenges, growing your skills and seeing your contributions impact lives around the world. Join Visa and do work that matters — to you, to your community, and to the world.
Progress starts with you.
Job Description
The Senior Application Security Engineer will play a key role within the Application Security team, providing hands-on technical expertise, guidance, and enablement to development teams across Featurespace. This position is responsible for enhancing application security by assessing vulnerabilities, promoting secure development methods, offering guidance on remediation, and making sure Visa’s security standards and requirements are met.
Want more jobs like this?
Get jobs in Reading, United Kingdom delivered to your inbox every week.
This position requires strong technical capability, excellent communication skills, and the ability to work collaboratively across engineering, product, and security stakeholders.
Core Responsibilities:
Application Security & Vulnerability Support:
- Review and triage findings from application security tooling, including SAST, DAST, SCA, and container scanning solutions.
- Provide technical guidance to development teams to support remediation of vulnerabilities and improve security posture.
- Conduct or support penetration testing and targeted security assessments where appropriate.
- Review and escalate critical application security risks to the appropriate technical and business stakeholders.
Secure Development & Engineering Partnership:
- Support engineering teams in understanding and meeting Visa security standards and requirements.
- Provide coaching, best practices, and security knowledge sharing to promote secure development across the organization.
- Deliver training sessions for technical and non‑technical groups on application security topics and processes.
Process & Governance:
- Contribute to continuous improvement of application security processes, tooling, and standards.
- Support exception management, including reviewing risk acceptance submissions and documenting decisions.
- Assist with compliance and evidencing requirements related to application security activities.
Collaboration & Communication:
- Partner closely with development, DevOps, infrastructure, and product stakeholders to drive secure design and remediation outcomes.
- Share expertise and mentor other members of the Application Security team.
- Participate in relevant cross-functional forums (e.g., BCWG) where application security topics arise.
This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager.
Qualifications
Bachelor’s degree in Computer Science, Information Security, or related field—or equivalent hands-on experience.
Demonstrable experience in application security engineering, secure development, vulnerability management, or related security domain.
Familiarity with common AppSec tooling: SAST, DAST, SCA, container scanning, and cloud security tools.
Experience supporting compliance or regulatory requirements (e.g., PCI DSS).
Relevant certifications (e.g., OSCP, OSWE, GWAPT, CISSP) are desirable.
Skills & Attributes:
Strong technical proficiency across application security and vulnerability research.
Excellent understanding of secure coding principles, common vulnerability classes, and modern application architectures.
Strong analytical mindset and critical assessment skills to evaluate findings and advise on secure solutions.
Excellent interpersonal and communication skills, capable of influencing and guiding engineering teams.
Ability to evolve with the role as technologies, threats, and team needs change.
Additional Information
Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
Perks and Benefits
Health and Wellness
- Long-Term Disability
- HSA With Employer Contribution
- On-Site Gym
- Health Insurance
- Dental Insurance
- Vision Insurance
- Life Insurance
- Short-Term Disability
- Health Reimbursement Account
- Mental Health Benefits
- Virtual Fitness Classes
- HSA
Parental Benefits
- Fertility Benefits
- Family Support Resources
- Birth Parent or Maternity Leave
- Non-Birth Parent or Paternity Leave
Work Flexibility
- Flexible Work Hours
- Remote Work Opportunities
- Hybrid Work Opportunities
Office Life and Perks
- Commuter Benefits Program
- Company Outings
- On-Site Cafeteria
- Holiday Events
- Happy Hours
- Casual Dress
Vacation and Time Off
- Paid Holidays
- Paid Vacation
- Volunteer Time Off
- Summer Fridays
- Leave of Absence
- Personal/Sick Days
Financial and Retirement
- 401(K)
- Relocation Assistance
- Performance Bonus
- Stock Purchase Program
- Company Equity
- 401(K) With Company Matching
- Financial Counseling
Professional Development
- Shadowing Opportunities
- Access to Online Courses
- Promote From Within
- Learning and Development Stipend
- Tuition Reimbursement
- Mentor Program
- Leadership Training Program
- Associate or Rotational Training Program
- Lunch and Learns
- Internship Program
- Professional Coaching
Diversity and Inclusion
- Diversity, Equity, and Inclusion Program
- Employee Resource Groups (ERG)