Product Security Architecture - Cybersecurity Analyst

Cybersecurity is at the heart of our culture. Our diligence and expertise are what makes us the undisputed leader in electronic payments.  Weve made it our priority to create a top-tier Security Architecture team poised to defend us against any potential cyber threats.

We are seeking a talented and motivated Product Security Architecture - Cybersecurity Analyst to join our security architecture and engineering team. The successful candidate will work closely with senior security architect consultants to assess implement and improve security controls for Visas applications APIs cloud environments and development pipelines including GenAI services.

This role is hands-on requiring good coding skills familiarity with modern cloud platforms and practical experience with Generative AI (GenAI) technologies. You will contribute to threat modelling security reviews and the integration of security best practices for all services and systems reviewed.

Essential Functions:

• Support security architecture reviews for web API and backend applications working alongside senior security staff.
• Assist in security assessments during the development lifecycle including contributing to scoping discussions performing threat modelling and participating in peer reviews.
• Help implement security controls within application frameworks ensuring alignment with Visas security standards.
• Contribute to the identification and analysis of application on prem and cloud security vulnerabilities recommending appropriate mitigations.
• Apply coding skills to review source code where applicable develop proof-of-concept security tools or scripts and automate security checks.
• Support security evaluations and help monitor ongoing security advisories.
• Gain experience in the security implications of infrastructure as code (IaC) technologies (Terraform Ansible AWS CloudFormation) and CI/CD pipelines.
• Assist in the security review of AI/ML and GenAI-related services including prompt injection risks data privacy and model security controls.
• Stay informed about current and emerging cybersecurity threats security testing tools and AI-driven security solutions.
• Collaborate with cross-functional and geographically distributed teams to ensure security requirements are understood and implemented.
• Help maintain and update security documentation technical guidelines and reference architectures.

This is a hybrid position. Expectation of days in office will be confirmed by your Hiring Manager.

Qualifications :

Basic Qualifications:
Demonstrable coding skills in at least one modern language (Python Java Go or similar).
Practical experience working with Generative AI (GenAI) technologies or AI/ML systems with the ability to explain key security considerations risks and basic control approaches for AI-driven systems. (Deep implementation expertise not required at this level but a strong foundational understanding is essential).
Working knowledge of cloud platforms (AWS Azure GCP) and common security patterns for cloud-native applications.
Familiarity with security principles for on-premise network application security and cloud environments.
Understanding of threat modelling and vulnerability assessment processes.
Awareness of common security standards and frameworks (PCI-DSS NIST ISO 27001).


Preferred Qualifications:
Exposure to security controls in GenAI platforms (e.g. LLMs AI/ML pipelines).
Exposure to container technologies (Docker Kubernetes) and associated security tools.
Familiarity with DevOps practices and security automation.
Experience with vulnerability management solutions.
Awareness of regulatory and compliance requirements relevant to the payments industry (e.g. PCI GDPR).

Additional Information :

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race color religion sex national origin sexual orientation gender identity disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Remote Work :

No

Employment Type :

Full-time