Security Manager - Digital Developed Markets
- Foster City, CA, USA
As the world's leader in digital payments technology, Visa's mission is to connect the world through the most creative, reliable and secure payment network - enabling individuals, businesses, and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company's dedication to innovation drives the rapid growth of connected commerce on any device, and fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce.
At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, and be part of an inclusive and diverse workplace. We are a global team of disruptors, trailblazers, innovators and risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, and doing meaningful work that brings financial literacy and digital commerce to millions of unbanked and underserved consumers.
You're an Individual. We're the team for you. Together, let's transform the way the world pays.
The Digital Solutions Product group is on the forefront of Visa's innovation and looking for talented individuals with vision, passion and determination to make our clients business and consumer products more engaging, seamlessly available, easy to use and secure.
The Digital Product Solution Delivery team at Visa manages the Visa Ready Security program and develops and maintains security requirements for third-party partners as well as generating security requirements for new digital consumer products. We are looking for a Security Manager to support the evolution of Visa’s secure digital payments. The focus will be on the security of digital payment solutions across mobile and IoT platforms as well as web applications and will support the Visa Ready partner programs by developing and managing security requirements for new and existing digital products by working with product, technology, risk and information security teams, to establish these requirements.
The Visa Ready team is looking for a person with a background in security and who can learn quickly, work in a team to manage security requirement development, interact with solution providers and external security laboratories responsible for performing the evaluations and take the lead in assessing the overall security of new consumer payment solutions. This includes contributing to the architectural security design review and the processes for assessment of digital payment solutions. You will provide actionable input and recommendations to the team as to whether these solutions meet Visa requirements. This will include risk considerations such as the tradeoff between logical and physical security requirements, as well as local versus remote solution “health” status monitoring. As a team member you will contribute to maintaining security knowledge of standards, industry best practices, and emerging attack/prevention trends and technologies as they apply to the Visa Ready program. Based on the dynamic nature of digital payments, this includes providing enhancement recommendations to ensure that the Visa Ready documentation is current. You will also work with the Product Technology testing group to coordinate 3rd party security reviews as well as managing the Visa security lab partners and participating in security lab audits.
TRAVEL REQUIREMENT :This position requires the incumbent to travel for work 10-15% of the time.
4 years of work experience with a MBA; or a minimum of 2 years of work experience with a PhD
• Knowledge of modern device, web, protocol and network security and encryption techniques and standards.
• Familiar with relevant application design and development security techniques such as the use of trusted execution platforms, root-of-trust, white-box cryptography, attestation and code obfuscation.
• Familiar with relevant web application security considerations such as click-jacking, cross-frame scripting mitigation and content security policies.
• Good understanding of control objectives, security evaluation goals, security assets, assurance levels, security requirements and test purpose.
• Experience with evaluating the security of digital payments solutions, especially in the context of gathering and formulating security requirements, and interpreting security reports.
• Familiar with logical and physical security requirements and standards.
• Good understanding of the security architecture of consumer and IoT devices.
• Familiar with authentication techniques and biometric technology.
• Willingness to continuously learn about new relevant security attacks and prevention techniques in consumer device, web and ecommerce payment security.
• Must have good communication skills (written and verbal).
• The ideal candidate should hold at minimum a Master in Computer Science or Computer Engineering. CISSP and CISA certification is a plus.
This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds.
Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.