Director Cybersecurity GRC (Assurance)

Year    Bangalore, Karnataka, India

Job Description


Visa is seeking an experienced technical leader to facilitate an effective enterprise-wide information and operation technology security governance program that ensures the strategic alignment of information security and broader corporate objectives. This is a leadership role that has accountability for identifying, evaluating, reporting, and managing information security risks in ways that meet compliance and regulatory requirements, and build business confidence in the cybersecurity program. This requires proactive collaboration with cross-functional stakeholder teams across Visa Technologies to ensure alignment and application of practices that both support business goals and meet defined policies and standards for information security.

Essential Functions

  • Ensure that findings from various discovery sources (e.g., Bug Bounty, Whitehat, Pentest, SSDLC, Security Architecture, etc.) are recorded and tracked in a centralized structure (SLP).
  • Provide end-to-end visibility into coverage, tracking, remediation and reporting of all security findings, and provide visibility into actions taken for risk reduction as per Visa security standards.
  • Ensure all security findings, control deviations and vulnerabilities are remediated by their assigned Required Remediation Dates (RRDs) or placed under an approved exception.
  • Foster DAILY compliance across all of Visa.
  • Prescribe security improvements for environments to resolve or mitigate security findings or otherwise enhance security posture to achieve compliance with all security initiatives.
  • Ensure no new code is introduced into production with open Critical, High or Medium findings.
  • Reduce the number of security findings (for all discovery sources) under exception.
  • Collaborate with PD teams and provide weekly vulnerability and TSR Finding score cards to Technology Leadership to drive Vulnerabilities and TSRs under Exception to less than 1%.
  • Foster innovation efforts to increase efficiencies and automate manual processes.
  • Support our team's Global Assurance COPE (Continuous Optimization Process Enhancements).
  • Establish a process and platform to execute processes to measure efficacy of Key Cyber controls.
  • Ensure audit readiness efforts for finding management from internal and external audits.
  • Build an extensive network of positive relationships throughout Visa and its Technology organizations to be leveraged to accomplish the broad requirements of this position.
  • Lead the GRC Assurance staff located in Bangalore and other remote locations globally as needed.
  • Responsible for leading and directly/indirectly managing a global team of data analysts, report and dashboard developers, and process innovation and automation specialists.
  • Provide guidance, support, and direction to team members and ensure that they have the resources and training they need to succeed in the function.
  • Work with stakeholders to identify opportunities for automation, Key Performance Indicators (KPIs), Key Risk Indicators (KRIs) and develop reporting mechanisms to track progress and solutions to streamline Cybersecurity processes.
  • Work with stakeholders across teams as appropriate to develop and implement process improvements to increase efficiency and effectiveness.
  • Responsible for identifying process innovation, automation, and improvement opportunities within the Cybersecurity GRC Assurance team and assist in leading the development and implementation of all such solutions to increase efficiency and effectiveness, using tools such as Python programming and the ServiceNow platform.

This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office 2-3 set days a week (determined by leadership/site), with a general guidepost of being in the office 50% or more of the time based on business needs.

Qualifications

Basic Qualifications:
  • 10+ years of relevant work experience and a Bachelor's degree, OR 13+ years of relevant work experience

Preferred Qualifications:

  • 12 or more years of work experience with a Bachelor's Degree or 8-10 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 6+ years of work experience with a PhD in a computing-related discipline.
  • 4+ years of work experience including leadership roles in Cybersecurity, Audit, Risk, and/or Compliance.
  • At least 5+ years of successful people management and skill development experience with a strong ability to lead, coordinate, and motivate multi-disciplinary teams across organizational boundaries, in a fast-paced, change intensive environment.
      o Proven ability to mentor/manage and motivate a team of experienced technologists and set clear priorities to achieve department goals.
      o Cultivate a diverse high-performing team of security professionals who will continue to evolve to address the information security needs of the company.
      o Create energy and enthusiasm at all levels of the information security organization to retain top talent and motivate the teams.
      o Demonstrated experience operating in a complex, federated global organization with a geographically dispersed team.
      o Successful track record of partnership across organizations to build trust and achieve shared goals.
  • Exceptional critical thinking skills and thought leadership with the ability to quickly comprehend complex problems, draw logical conclusions, make sound decisions, develop solutions, and negotiate and respond accordingly to drive closure. Strong analytical skills with excellent problem-solving ability.
  • Strong analytical skills and the ability to interpret data and metrics to identify trends, patterns, and anomalies. Experience using this information to make informed decisions and recommendations.
  • Proven history of being a self-starter by proactively identifying problems, determining pragmatic solutions, identifying and obtaining needed resources, and executing with little or no supervision.
  • Articulate communicator and collaborator, demonstrating mastery of both spoken and written English, with the professional confidence and credibility to effectively engage and interact with senior and executive management.
      o Ability to take unpopular positions when necessary, influence others to support these decisions, and maintain trust and credibility.
      o Professional stature and gravitas to consult with and influence sophisticated and seasoned partner groups with credibility, confidence and a collaborative approach.
      o Ability to thoroughly understand complex business and technical issues and influence decision making at all levels of the organization without formal reporting structure authority.
  • Impeccable integrity and ethics combined with outstanding judgment and inter-personal skills. Extremely high professional standards and expectations for oneself and others.
  • Required to work some evenings each week to support the global team.

Additional Experience Desired:

  • Strong Program Management experiences and skills of large scale and complex implementations, their processes and tools, and a keen ability to multi-task.
  • Experiences in deploying and supporting Coordinated Vulnerability Programs and Incident Responses.
  • Experiences in deploying Data Leakage Prevention (DLP), Encryption, Identity Access Management (IAM) solutions, Vulnerability Management and Governance Risk Compliance (GRC) tools.
  • Direct participation and practical experience across common industry security policy areas, including ISO, NIST, COSO, COBIT, Sarbanes Oxley (SOX), PCI-DSS, SSAE18, FFIEC/FBA requirements, FedRAMP and others.
  • Solid understanding of Enterprise Risk Management and Strategy frameworks as well as understanding of current enterprise threat scenario as related to the financial industry.
  • Hands-on experience in software development with a focus on cybersecurity related outcomes with leadership experience in information security and risk management function.
  • Certifications such as Tableau Desktop Certified Professional or Tableau Server Certified Professional.
  • Cybersecurity certifications such as CISSP, CISA, or CISM.

Additional Information

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Job Detail

  • Job Id
    JD3107832
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Bangalore, Karnataka, India
  • Education
    Not mentioned
  • Experience
    Year