Cybersecurity Analyst
Foster City, CA

Job Description

Visa Inc. (NYSE:V) is a global payments technology company that connects consumers, businesses, financial institutions, and governments in more than 200 countries and territories to fast, secure and reliable electronic payments. We operate one of the world's most advanced processing networks - VisaNet - that is capable of handling more than 65,000 transaction messages a second, with fraud protection for consumers and assured payment for merchants. Visa is not a bank and does not issue cards, extend credit or set rates and fees for consumers. Visa's innovations, however, enable its financial institution customers to offer consumers more choices: pay now with debit, pay ahead with prepaid or pay later with credit products.

Participate in audit, risk and compliance assessments of Identity and Access Management (IAM) activities under the supervision of a Director -IAM. Assist in the design and drive the execution of key areas of IAM audit, risk and compliance assessments. Serve as a key IAM audit and compliance contact, explaining the internal assessment processes and scope, keeping IAM management apprised of IAM key risks and issues, and effectively delivering assessment results to IAM Director. Stay abreast of, IAM industry technology advances and the risk profile of IAM to ensure relevancy of IAM assessment approach.

Responsibilities

* Participate in planning and IAM assessment scope development as well as project execution


* Assess the design and operating effectiveness of complex IAM areas/controls including the performance of detailed walkthroughs with IAM Subject Matter Experts


* Produce detailed IAM controls design and operating effectiveness testing related work papers that can be shared with internal and external auditors


* Provide reports on the design and operating effectiveness of the IAM internal control structure along with recommendations that improve the design, effectiveness, and efficiency of IAM control or process.


* Assess audit findings / gaps including control weaknesses with an appropriate degree of professional skepticism, seeking to fully understand risks to the firm. Assist IAM partners with the development and the implementation of Management Action Plans to mitigate weaknesses, providing thought leadership on the appropriateness of the Plan.


* Provide IAM control consulting services to management to assist in redesign efforts that improve the IAM control environment.


* Promote new ideas and new ways of executing projects and internal infrastructure enhancements.


* Partner with key business stakeholders within Visa (HR/IAM Development/IAM Platforms/Internal Audit/Enterprise Risk and Compliance) for the relevant IAM Processes to improve the compliance posture within Visa


* Provide guidance and direction on access controls and IAM practices to customers


* Demonstrate commitment to IAM strategic vision, be a self-starter, and promote project ownership and responsibility for actions.


* Bachelor's or Master's degree in computer science, management information systems, or in STEM (Science, Technology, Engineering, or Math).


* 5-10 years of deep technical experience in one of more of the following domains: information security, distributed operating systems, databases, network technology, mobile payments, tokenized services, cloud-based and virtualized environments, IBM mainframe, or Hadoop.


* Strong audit and compliance background


* Experience evaluating IAM controls associated with complex business applications.


* Strong time management skills.


* Excellent written and oral communication skills.


* Dynamic, hard-working and ambitious individual, with excellent oral and written communication skills



Highly desirable:

* IT Audit certifications or other audit related certifications (e.g., CISA, CFE, etc.).


* Technical certifications or other information security certifications (e.g., CISSP, CEH, CISM, etc.).


* Project Management certifications (e.g., PMP, Prince2, etc.).


* Work experience in a large financial institution or a matrix organization.



All your information will be kept confidential according to EEO guidelines.