Staff Systems Analyst

Job Description

Visa Technology & Operations LLC, a Visa Inc. company, needs a Staff Systems Analyst (multiple openings) in Austin, Texas to:

1. Act as a Security Champion of overall Clearing and Settlement department.
2. Develop, enhance, and fix programs for securing and enhancing Visa's critical Clearing and Settlement systems.
3. Cross-collaborate with Cybersecurity, Application Teams, PenTest Teams and technical staff to design and secure applications by appropriate solutions.
4. Develop and implement secure web applications using Checkmarx, Sonarcube, and Blackduck, following industry best practices. Ensure secure coding practices are adhered to throughout the development lifecycle.
5. Implement secure coding practices with a focus on TLS, handshaking, and ciphers in setting applications. Stay updated with the latest CVE findings and apply necessary security measures to mitigate vulnerabilities.
6. Monitor Patch and Vulnerability management solutions, including Qualys and TSR and threat prevention systems.
7. Implement and manage cryptographic techniques including RSA 256, HMAC 256, SHA 256, and AES 256. Perform digital signature verification using asymmetric keys and generate asymmetric keys (2048 and 4096 bits) while managing key expiry.
8. Implement JWT Token for REST API authentication and set up OpenID Connect using integrity and confidentiality keys. Ensure secure integration of OAuth-2 with the Spring framework.
9. Conduct comprehensive security assessments including static code vulnerability analysis, third-party library assessments, and OWASP violation checks. Ensure all PenTest findings are addressed and all PAN and PII data are secured.
10. Perform threat modeling to identify potential security threats and vulnerabilities in the application architecture. Develop and implement mitigation strategies to address identified threats.
11. Develop and maintain incident response plans to address security breaches and incidents. Conduct regular incident response drills to ensure preparedness.
12. Implement and manage security monitoring tools to detect and respond to security incidents in real-time. Analyze security logs and alerts to identify and address potential security issues.
13. Evaluate options and provide recommendation on scope and scale of effort required to develop solutions.
14. Contribute during technical security engagements to ensure VISA’s compliance with internal and regulatory requirements.
15. Ensure compliance with relevant security standards and regulations such as PCI-DSS, GDPR, and HIPAA. Conduct regular security audits and assessments to ensure compliance.
16. Identify opportunities for further enhancements and refinements to standards, processes, and systems.
17. Develop ways to automate compliance and security to improve the efficiency of the Team.
18. Maintain detailed documentation of security protocols, procedures, and assessments. Provide regular reports on security status and recommendations for improvements.
19. Conduct security training and awareness programs for development teams to ensure they are knowledgeable about secure coding practices and the latest security threats.
20. Position reports to the Austin, Texas office and may allow for partial telecommuting.

Qualifications

Basic Qualifications:

• Employer will accept a Bachelor's degree in Cybersecurity, Security Engineering, or related field and 2 years of experience in the job offered or in a security analyst or cybersecurity analyst-related occupation.
• Alternatively, employer will accept a Master’s degree in Cybersecurity, Security Engineering, or related field.
• Position requires experience in the following skills:
  1. Proven experience in web application security and secure coding practices. Hands-on experience with Checkmarx, Sonarcube, and Blackduck.
  2. Web application security, and secure coding and best practices.
  3. Python, Java, JavaScript, MySQL, Linux and Linux standards.
  4. Web Access Management solutions, such as ForgeRock.
  5. Strong knowledge of TLS, handshaking, ciphers, and CVE findings. Expertise in cryptographic techniques including RSA 256, HMAC 256, SHA 256, and AES 256.
  6. Experience with digital signature verification and asymmetric key management.
  7. Familiarity with JWT Token, OpenID Connect, and OAuth-2 integration with Spring.
  8. In-depth understanding of OWASP guidelines, security assessments including static code vulnerability analysis, third-party library assessments and Penetration testing.
  9. Fixing security attacks and Threat modelling.
  10. Vulnerability assessments, threat prevention systems and Penetration testing.
  11. Incident response and root cause analysis.
  12. Hands-on security monitoring tools.
  13. First level compliance monitoring and investigations.

Experience in the above skills can be gained through academic coursework and/or work experience.