As the world’s leader in digital payments technology, Visa’s mission is to connect the world through the most creative, reliable and secure payment network - enabling individuals, businesses, and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company’s dedication to innovation drives the rapid growth of connected commerce on any device, and fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce. 

At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, and be part of an inclusive and diverse workplace. We are a global team of disruptors, trailblazers, innovators and risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, and doing meaningful work that brings financial literacy and digital commerce to millions of unbanked and underserved consumers.

You’re an Individual. We’re the team for you. Together, let’s transform the way the world pays.

Essential Functions:

• Understand the Insider Threat Landscape and apply innovative solutions to address threats using analytics
• Identify and develop Insider Threat Detection Use cases focused on insider risks
• Apply intelligence reporting and knowledge of the security network towards the discovery of suspicious activity and to prevent and/or detect future incidents
• Analyze technical and non-technical indicators of potential insider threat activity and escalate accordingly
• Identify, triage and remediate threats based on threat intelligence as well as active analysis of log data
• Investigate and communicate with peers on the risk posed by these threats. Report on findings from investigations and incidents
• Tune rulesets, maintain use cases, and update case dispositions within insider threat tools and case management system
• Research and recommend alerts and detections to minimize false positives and identify concerning behavior
• Contribute to tool optimization and automation initiatives to streamline analysis and response workflows and processes
• Respond to request for ad-hoc reporting and research topics from management as required
• Produce concise, written analysis and visual presentation of findings
• Support process improvement of the current insider threat program and alignment with the strategic program
• Lead investigations, gather evidence, compile investigative reports, and provide guidance on potential Insider threat investigations to stakeholders and partners
• Lead process improvement and optimization efforts for the team
• Support program growth and maturity efforts, as needed
• Engage and support relationships with Cybersecurity partners in the business such as Legal, HR, Compliance, and Enterprise Risk
• Implement technical controls required to identify and detect insider threat behavior
• Identify and develop Insider Threat Detection use cases and conduct Insider Threat investigations
• Work both independently and while operating in a geographically and culturally diverse peer group.

Basic Qualifications

• 8 years of relevant work experience (information security areas such as threat hunting, incident response, forensics, security analysis, security engineering, cyber threat tactics, techniques, and procedures )with a Bachelor’s Degree or 5 or more years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD 
• Strong analytical skills to identify complex security issues and respond at the same level with a technical understanding of when to escalate impacting security events.   

Preferred Qualifications:

• Experience understanding the Insider Threat Landscape and applying innovative solutions to address threats using analytics
• Familiarity with Insider Threat detection technologies and tools such as SIEM, UBA, DAM, DLP, etc.
• Working knowledge of investigation processes and techniques leveraging technical and non-technical indicators
• Certifications such as GREM, GIAC, SANS, CEH are a plus.
• Experience with security controls for Operating Systems (e.g. Linux, Windows, etc) as well as regular expressions and scripting language(s) (Powershell, Python, etc)
• Candidate will exhibit a history of reliability and strong decision-making skills 

Work Hours: Varies upon the needs of the department

Travel Requirements: This position requires travel 5-10% of the time.

Mental/Physical Requirements: This position will be performed in an office setting.  The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers.

Visa is an EEO Employer.  Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.  Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law, including the requirements of Article 49 of the San Francisco Police Code.