TotalCyber.io
Cyber Security jobs across the world
Copyright 2024 All Rights Reserved by YipCraft
We will contibute 1% of your purchase to remove CO2 from the atmosphere.
Cybersecurity Analyst – Audit & Compliance (GRC)
VisaAustin, TX, US
Onsite
Full-time
Company Description
Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid.
Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.
Job Description
This Cybersecurity Analyst position will serve as part of Visa's Cybersecurity Audit and Compliance (A&C) function within the Cybersecurity Governance Risk and Compliance and M&A Integration (GRC) team, reporting to Director/Sr. Director. This position will provide oversight, coordination, and delivering the activities that support successful internal audits, external audits and compliance, regulatory activities, and external customer/client requests while effectively balancing the individual elements of these activities.
Essential Functions:
Provide oversight, coordination, and delivering the activities that support successful internal audits, external audits and compliance, regulatory activities, and external customer/client requests.
Assist with validating the ongoing effectiveness of Cybersecurity controls across Visa (both automated and manual), working with a variety of control owners within the Cybersecurity organization, and evaluating control design and standards in a variety of program areas. You will be assessing the security on various platforms and technologies from attacks like:
Payment processing platforms, Payment Wallet solutions, Consumer facing applications, COTS products deployed in house,
SaaS, PaaS, and IaaS public cloud offerings
Mainframe, Linux, Windows, and virtual machines
IDS, SIEM, WAF, Firewalls
HSMs, Tokenization systems, data encryption solutions
APIs, Web technologies,
Relational and noSQL databases
Access Management solutions
Stay up to date on new security tools & techniques in the information security space
Good understanding of regulatory standards that will help Cyber teams to achieve various compliance certifications like PCI, FFIEC, RBI, etc.
Influence beyond immediate team and with those of more experience/seniority
Develop data points into Information Security risk management reporting activities, including dashboards, metrics, and executive reporting content
Update Cybersecurity leadership on the status of technology risk and compliance issues based on assessment results and information from various monitoring and control systems.
Develop dashboards and automate tasks to increase efficiency and reduce redundancy.
This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office 2-3 set days a week (determined by leadership/site), with a general guidepost of being in the office 50% or more of the time based on business needs.
Qualifications
Basic Qualifications:
•2+ years of relevant work experience and a Bachelors degree, OR 5+ years of relevant work experience. Masters graduates must have 2+ years of relevant work experience to qualify.
Preferred Qualifications:
•3 or more years of work experience with a Bachelor’s Degree or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD)
•3-5 years of work experience in Information Security, Audit, Risk, and/or Compliance
oOpen to experience in other relevant fields (e.g., finance, business administration, information technology, etc.) if candidate can demonstrate relevancy to this Information security-based role
•2+ years direct participation and experience across common industry security policy areas, including, but not limited to ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE16/ISAE3402, SOC 2 and others
•Experience working with multiple individuals on internal and external delivery
•Ability to synthesize a variety of data points, problem solve and formulate comprehensive and effective execution and risk mitigation plans
•Exceptional communication skills - both written and verbal to support compliance and certification audits
•Must be extremely flexible and able to manage multiple tasks and priorities on very tight deadlines.
•Experience in Audit/Compliance/Regulatory discussions and proactive readiness activities in a large global financial institution or a matrix organization.
•Providing ongoing gap analysis of current policies, practices, and procedures as they relate to established guidelines outlined by Industry standards
•Conducting in-depth technical reviews of enterprise systems to identify the appropriate mitigation strategies required to bring these systems into compliance with established policy and industry guidelines.
•Understanding of creating, testing, and deploying automated workflows using Microsoft Power Automate, including integrating Power Automate with other Microsoft 365 applications and third-party services.
•Working knowledge of scripting and programming languages, such as Java, Python, PowerShell
•Proficiency in SQL for querying and managing relational databases
•Demonstrated ability to create, manage, and share interactive dashboards and reports using Microsoft PowerBI or other data analysis tool.
•Working knowledge in extracting, cleaning, and processing data from various sources including databases, APIs, and flat files.
•Understanding of database structures, principles, and optimization techniques.
•Understanding of data warehousing concepts and cloud platforms (e.g., Azure, AWS).
•Experience in Risk and Control Self-Assessment activities related to Cybersecurity function.
•CISSP, CISA, CISM, PCI QSA/ISA Certifications preferred
Cybersecurity Analyst – Audit & Compliance (GRC)
Location
Austin, TX, US
Workplace
Onsite
Type
Full-time
