Cybersecurity Engineer

Visa Technology & Operations LLC a Visa Inc. company needs a Cybersecurity Engineer (multiple openings) in Austin Texas to:

1. Define embed and enforce consistent Secure Software Development Lifecycle (SSDLC) practices and secure-by-design principles for all Visa technology projects.
2. Ensure the end-to-end security of Visa products by conducting hands-on security assessments integrating threat modeling into the SDLC and helping development teams remediate risks.
3. Build maintain and improve security tools (e.g. SAST DAST SCA) integrating them within the CI/CD pipeline to create automated developer-friendly security workflows.
4. Own the end-to-end lifecycle for internally developed security tools and products and automations including their development security deployment maintenance and operational support.
5. Perform Security Architecture and Low-Level Application Design reviews with a strong emphasis on Data Protection Authentication Authorization Web Application and API Security.
6. Contribute to the development of security standards for emerging technologies including evaluating AI-generated code defining guardrails for LLM tools etc.
7. Develop and optimize processes to improve the software development efficiency and accelerate the adoption of secure development practices.
8. Improve secure coding practices application security requirements automation training and metrics.
9. Collaborate proactively and cross-functionally with product engineering and solution teams to manage software security risk in alignment with business goals and Visas cybersecurity program objectives.
10. Clearly communicate risks and recommendations to both technical and non-technical audiences.
11. Develop track and report on key metrics to measure the effectiveness of the application security program and drive continuous improvement.
12. Continuously research the threat landscape emerging vulnerabilities and industry best practices for secure software development and incident response to proactively improve Visas application security posture.
13. This position reports to the Austin Texas office and may allow for partial telecommuting.

Qualifications :

Basic Qualifications:

• Masters degree in Cybersecurity Computer Science or related field and 2 years of experience in the job offered or in a Cybersecurity Engineer-related or similar occupation.
• Position requires experience in the following:
  1. Deep knowledge of OWASP Top 10 OWASP API Top 10 and CWE Top 25 and their associated attack vectors.
  2. Experience in architecting and implementing Secure SDLC (SSDLC) by embedding automated tools and secure practices into Agile development processes.
  3. Hands-on experience in performing security architecture and in-depth secure code reviews and fixing vulnerabilities in the code.
  4. Proficiency in at least two programming languages - Java C#/.NET Microsoft PowerShell or Python.
  5. Experience in building scalable automations and tools to streamline workflows and improve developer experience.
  6. Expertise in operating and managing SAST (e.g. Veracode Checkmarx) SCA (e.g. Veracode SCA Sonatype) and DAST (e.g. Acunetix Burp Suite) tools to analyze the security posture of the code and applications.
  7. Hands-on experience in managing the full deployment lifecycle from configuring CI/CD pipelines (tools like TeamCity or Jenkins) to managing production operations on Microsoft Windows Server (IIS) or Linux (Apache Nginx) servers.
  8. Experience in managing the end-to-end vulnerability lifecycle from technical triage and prioritization to timely remediation of the vulnerabilities.
  9. Experience in training developers on secure coding including demonstrating the real-world impact of vulnerabilities.
  10. Experience in translating technical security data into clear metrics and insights to improve decision making and demonstrate program effectiveness.

Additional Information :

Worksite: Austin Texas

This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office 2-3 set days a week (determined by leadership/site) with a general guidepost of being in the office 50% or more of the time based on business needs.

Travel Requirements: This position does not require travel.

Mental/Physical Requirements: This position will be performed in an office setting.  The position will require the incumbent to sit and stand at a desk communicate in person and by telephone frequently operate standard office equipment such as telephones and computers.

Visa is an EEO Employer.  Qualified applicants will receive consideration for employment without regard to race color religion sex national origin sexual orientation gender identity disability or protected veteran status.  Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

U.S. APPLICANTS ONLY: The estimated salary range for this position is $123700.00 to $191300.00 USD per year which may include potential sales incentive payments (if applicable). Salary may vary depending on job-related factors which may include knowledge skills experience and addition this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical Dental Vision 401 (k) FSA/HSA Life Insurance Paid Time Off and Wellness Program.      

Remote Work :

No

Employment Type :

Full-time