Cyber Security Engineer - Sr. Consultant level - Regulatory, Audit, & Compliance

This leadership position is part of Visas Cybersecurity Regulatory Audit and Compliance function within the Cybersecurity Governance Risk and Compliance and M&A Integration (GRC) team. Reporting to the Senior Director this role involves overseeing coordinating and delivering activities that support regulatory operations internal audits external audits and customer/client requests. The primary responsibility will be to manage technical requests from regulators in the US UK and other regions where Visa operates.

In addition you will be building implementing and optimizing Regulatory Audit and Compliance solutions for our team. This role translates regulatory and audit requirements into scalable automated technical solutions enabling efficiency and operational excellence.

Essential Functions

• Oversee and manage audits compliance and regulatory activities related to Cybersecurity including FBA/FFIEC Bank of England other regulators GLBA SSAE16/ISAE3402 SOC 2 PCI-DSS Sarbanes-Oxley (SOX) internal audits ISO NIST COSO COBIT and customer/client inquiries.
• Collaborate with Cybersecurity Technology Compliance Audit and HRIS teams to automate manual compliance and control tasks for ongoing audit readiness.
• Regularly review analyze and apply current technologies including AI and machine learning to enhance automation efficiency and risk management within Regulatory Audit and Compliance functions.
• Build intuitive dashboards and reporting capabilities for stakeholders providing real-time visibility into the risk and compliance posture of critical business systems
• Advise Cybersecurity leadership on the status of technology risk and compliance issues based on assessment results and information from various monitoring and control systems.

This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager.

Qualifications :

Basic Qualifications:
8 years of relevant work experience with a Bachelors degree or at least 5 years of experience with an Advanced Degree (e.g. Masters MBA JD MD) or 2 years of work experience with a PhD OR 11 years of relevant work experience

Preferred Qualifications:
Advanced Degree (e.g. Masters MBA) in related field.
Bachelors degree in Computer Science Information Systems Management Information Systems or Business Administration or another related field.
oSignificant and relevant technical experience meeting the job description may be substituted for degree requirements.
8-10 years of leadership experience in Information Security Audit Risk and/or Compliance.
oOpen to experience in other relevant fields (i.e. finance business administration information technology etc.) as long as a candidate can demonstrate relevancy to this Information Security based role.
6 years direct participation and experience across common industry security policy areas including PCI-DSS NIST COSO COBIT FFIEC SOX SSAE16/ISAE3402 SOC 2 and others. Candidates with experience in Audit/Compliance/Regulatory discussions and proactive readiness activities in a large global financial institution or a matrix organization preferred.
Proven experience collaborating with multiple stakeholders on both internal and external delivery and communication initiatives.
Expertise in implementing and integrating enterprise GRC solutions including AuditBoard with hands-on experience in system integrations and platform administration.
Hands-on experience with workflow automation APIs scripting or low-code/no-code tools
Passion for continuous improvement emerging technologies and driving innovation with AI and automation.
Strong executive presence and exceptional communication skills with experience in audit compliance regulatory discussions and proactive readiness activities with internal partners and external clients.
Capability to influence beyond the immediate team and engage with more experienced or senior individuals.
Must be highly flexible and able to manage multiple tasks and priorities under tight deadlines.
Data Analysis skills using Microsoft Excel SQL or other scripting languages.
Broad and deep experience across PCI standards (DSS PIN P2PE Token etc.) with the ability to apply the standards with confidence across different organizational contexts.
Previous experience in implementing or managing Governance Risk and Compliance (GRC) tools as well as developing dashboards and creating tools to automate tasks to enhance efficiency.
Prior experience in utilizing Artificial Intelligence tools to improve efficiency.
CISSP CISA CISM CEH PCI QSA/ISA Certifications preferred

Additional Information :

Work Hours: Varies upon the needs of the department.

Travel Requirements: This position requires travel 5-10% of the time.

Mental/Physical Requirements: This position will be performed in an office setting.  The position will require the incumbent to sit and stand at a desk communicate in person and by telephone frequently operate standard office equipment such as telephones and computers.

Visa is an EEO Employer.  Qualified applicants will receive consideration for employment without regard to race color religion sex national origin sexual orientation gender identity disability or protected veteran status.  Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law including the requirements of Article 49 of the San Francisco Police Code.

U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 174500.00 to 253200.00 USD per year which may include potential sales incentive payments (if applicable). Salary may vary depending on job-related factors which may include knowledge skills experience and addition this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical Dental Vision 401 (k) FSA/HSA Life Insurance Paid Time Off and Wellness Program.

Remote Work :

No

Employment Type :

Full-time