- Singapore, Singapore
As the world's leader in digital payments technology, Visa's mission is to connect the world through the most creative, reliable and secure payment network - enabling individuals, businesses, and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company's dedication to innovation drives the rapid growth of connected commerce on any device, and fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce.
At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, and be part of an inclusive and diverse workplace. We are a global team of disruptors, trailblazers, innovators and risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, and doing meaningful work that brings financial literacy and digital commerce to millions of unbanked and underserved consumers.
You're an Individual. We're the team for you. Together, let's transform the way the world pays.
The role will work as a member of the Global Cybersecurity organisation - Security Architecture team, which is focused on improving technology and architecture decision-making through collaboration with management, staff and customers on technology strategy, enterprise architecture, and investments in strategic security technology.
The individual, with a broad cybersecurity plus systems and network architecture knowledge and experience, will deliver security assessments while supporting our direction, lifecycle management and leadership for security architecture and technology. The individual will perform a key role in Security assessments while supporting various critical initiatives through the identification, analysis, evaluation, lifecycle management and adoption of security architectures and technologies. The Security Architect will work closely with other security functions and will provide guidance to ensure that there is coordination with their activities in technology choices. In addition, the Security Architect will be involved with education and mentorship, supporting the delivery framework, development of technical architecture and associated documentation, as well as advanced topics of research.
- Be a product security champion by driving Security Architecture and Design, implementation and optimization for Web, API and Mobile backend applications across Visa
- Providing advanced security architecture designing and solutions based on Industry best standards and Cloud alliance guidelines and support for critical systems and services including application and security infrastructure on-prem and cloud
- Coordinates with various teams to ensure security controls and services are configured with the correct posture to support business requirements based on Visa TSRs and Key controls
- Continuous monitoring and improvement on the IT and Cloud Infrastructure based on changing business needs
- Support and accelerate scalability, reliability, and performance improvement in the Visa Security Posture
- Assist in maintaining strong oversight with cloud computing solution to safeguard against undue risk presented by external entities
- In particular, manage the strategic relationship with key security vendors in the Cloud and IT area
- Work with different internal Visa teams and assist in Cloud Security assessment lanes such as Vulnerability Mgmt., Network Teams, OS teams, Pen testing
- Understand urgency and security risk and respond to critical vulnerabilities and data exposures
- Applying security design principles to develop security solutions architectures
- Engage in the initial requirements definition including analysis of threats and risks and alignment with Visa security, Engineering, IT and Architecture standards
- Conduct and facilitate security reviews, threat modelling including deep design reviews throughout the development lifecycle
- Facilitate "table-top"/red-team/scenario analysis exercises in conjunction with other SME's; and plan the resolution of any identified vulnerabilities/issues.
- Identify and analyse system and application level vulnerabilities to provide recommended counter measures or mitigating controls that reduce risk to an acceptable and manageable level
• Minimum 4-7 years’ experience in developing baseline security control requirements, security policies/procedures & risk management program.
• Must have minimum 1 year of hands-on experience in building and designing cloud solutions from Cloud Security Providers like AWS, GCP and Azure
• Flexible, adaptable, and able to manage multiple tasks in a dynamic, fast-paced environment.
• Ability to communicate complex technical concepts effectively.
• Ability to convey security concepts to both technical and non-technical audiences
• Experience in performing threat-modelling of complex systems
• Experience in designing, building, and maintaining scalable cloud and Network infrastructure and applications.
• Working knowledge of IP Networking, Routing, Switching, VPNs, DNS, and Load balancing.
• Ability to assess networking security policies with various firewalls features supported by CSPs.
• Develop standards, policies and procedures as well as best practices documentation for Cloud deployments
• Translate security and technical requirements into business requirements and communicate security risks to different audiences ranging from business leaders to engineers.
• Automate security controls, data and processes to provide better metrics and operational support
• Prefer CISSP and/or Cloud-related certifications
Due to the COVID-19 pandemic and the evolving visa/travel restrictions in place, we are currently only able to extend offers to candidates with the right to work in Singapore. We are keeping the situation under close review and will adjust accordingly should the restrictive measures be lifted.