Sr. Cybersecurity Analyst - Regulatory, Audit, and Compliance

This Sr. Cybersecurity Analyst position will serve as part of Visas Cybersecurity Regulatory Audit and Compliance function within the Cybersecurity Governance Risk and Compliance and M&A Integration (GRC) team reporting to Director/Sr. Director. This position will provide oversight coordination and deliver the activities that support successful internal audits external audits and compliance regulatory activities and external customer/client requests while effectively balancing the individual elements of these activities.  

In addition this role will ensure ongoing design and effectiveness of Cybersecurity controls across Visa (both automated and manual) working with technology/business control owners across the Visa organization and using a variety of industry standards during the assessments.

Essential Functions

• Provide oversight coordination and delivering the activities that support successful internal audits external audits and compliance regulatory activities and external customer/client requests.

• Assist with validating the ongoing effectiveness of Cybersecurity controls across Visa (both automated and manual) working with a variety of control owners within the Cybersecurity organization and evaluating control design and standards in a variety of program areas. You will be assessing the security on various platforms and technologies from attacks like:

  • Payment processing platforms Payment Wallet solutions Consumer facing applications COTS products deployed in house

  • SaaS PaaS and IaaS public cloud offerings

  • Mainframe Linux Windows and virtual machines

  • IDS SIEM WAF Firewalls

  • HSMs Tokenization systems data encryption solutions

  • APIs Web technologies

  • Relational and noSQL databases

  • Access Management solutions

• Stay up to date on new security tools & techniques in the information security space

• Good understanding of regulatory standards that will help Cyber teams to achieve various compliance certifications like PCI FFIEC RBI etc.

• Influence beyond immediate team and with those of more experience/seniority

• Develop data points into Information Security risk management reporting activities including dashboards metrics and executive reporting content

• Update Cybersecurity leadership on the status of technology risk and compliance issues based on assessment results and information from various monitoring and control systems.

• Develop dashboards and automate tasks to increase efficiency and reduce redundancy.

This is a hybrid position. Expectation of days in office will be confirmed by your Hiring Manager.

Qualifications :

Basic Qualifications:
5 years of relevant work experience with a Bachelors Degree or at least 2 years of work experience with an Advanced degree (e.g. Masters MBA JD MD) or 0 years of work experience with a PhD OR 8 years of relevant work experience.

Preferred Qualifications:
6 or more years of work experience with a Bachelors Degree or 4 or more years of relevant experience with an Advanced Degree (e.g. Masters MBA JD MD) or up to 3 years of relevant experience with a PhD
Bachelors degree in Computer Science Information Systems Management Information Systems or Business Administration or another related field.
o Significant and relevant technical experience meeting the job description may be substituted for degree requirements.
5 years of work experience in Information Security Audit Risk and/or Compliance
o Open to experience in other relevant fields (e.g. finance business administration information technology etc.) if candidate can demonstrate relevancy to this Information securitybased role
3 years direct participation and experience across common industry security policy areas including but not limited to ISO NIST COSO COBIT PCI FFIEC SOX SSAE16/ISAE3402 SOC 2 and others
Experience working with multiple individuals on internal and external delivery
Ability to synthesize a variety of data points problem solve and formulate comprehensive and effective execution and risk mitigation plans
Exceptional communication skills both written and verbal to support compliance and certification audits
Must be extremely flexible and able to manage multiple tasks and priorities on very tight deadlines.
Experience in Audit/Compliance/Regulatory discussions and proactive readiness activities in a large global financial institution or a matrix organization.
Providing ongoing gap analysis of current policies practices and procedures as they relate to established guidelines outlined by Industry standards
Conducting indepth technical reviews of enterprise systems to identify the appropriate mitigation strategies required to bring these systems into compliance with established policy and industry guidelines.
Understanding of creating testing and deploying automated workflows using Microsoft Power Automate including integrating Power Automate with other Microsoft 365 applications and thirdparty services.
Working knowledge of scripting and programming languages such as Java Python PowerShell
Proficiency in SQL for querying and managing relational databases
Demonstrated ability to create manage and share interactive dashboards and reports using Microsoft PowerBI or other data analysis tool.
Working knowledge in extracting cleaning and processing data from various sources including databases APIs and flat files.
Understanding of database structures principles and optimization techniques.
Understanding of data warehousing concepts and cloud platforms (e.g. Azure AWS).
Experience in Risk and Control SelfAssessment activities related to Cybersecurity function.
CISSP CISA CISM PCI QSA/ISA Certifications preferred.

Additional Information :

Work Hours: Varies upon the needs of the department.

Travel Requirements: This position requires travel 510% of the time.

Mental/Physical Requirements: This position will be performed in an office setting.  The position will require the incumbent to sit and stand at a desk communicate in person and by telephone frequently operate standard office equipment such as telephones and computers.

Visa is an EEO Employer.  Qualified applicants will receive consideration for employment without regard to race color religion sex national origin sexual orientation gender identity disability or protected veteran status.  Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law including the requirements of Article 49 of the San Francisco Police Code.

U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 124700.00 to 180650.00 USD per year which may include potential sales incentive payments (if applicable). Salary may vary depending on jobrelated factors which may include knowledge skills experience and location. In addition this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical Dental Vision 401 (k) FSA/HSA Life Insurance Paid Time Off and Wellness Program.

Remote Work :

No

Employment Type :

Fulltime