Job Description

Visa’s Cybersecurity team provides enterprise-wide, risk-based cybersecurity policies, practices, and solutions to protect Visa’s systems and data from internal and external threats. To protect Visa’s assets in this dynamic threat landscape, they are deploying new cyber-security tools, collaborating across industries, and taking a proactive approach to monitoring the cyberspace beyond the Visa network.

The Associate Cybersecurity Analyst will work as a member of Visa Cybersecurity’s Ethical Hacking (Penetration Testing) program. The objective of Visa’s Penetration Testing program is to proactively identify weaknesses and shortcomings in Visa’s security posture and recommend necessary controls/procedures to protect Visa from adversarial threats. With this mission in mind, Visa’s Ethical Hacking Team experts are proactively involved in engagements that simulate adversarial threats and attacks in a timely manner.

The Associate Cybersecurity Analyst will be a key contributor for performing internal and external penetration tests of Visa applications and systems. Penetration Test team members also help with design, development, and recommendation of security solutions to protect Visa proprietary/confidential data and systems. The candidate will also assist with compliance objectives, provide guidance/direction for the logical protection of information systems assets to other functional units, prepare reports regarding effectiveness of information security adherence, and make recommendations for the adoption of new policies and procedures for Visa services.

Responsibilities

• Conduct high risk and sensitive penetration tests of internally and externally hosted applications globally according to scope defined by the penetration test team
• Subject matter expertise in web application, API, or network penetration testing
• Proactively research/identify vulnerabilities and provide recommended countermeasures or mitigating controls to reduce risk to an acceptable and manageable level
• Review results of network and application penetration tests in order to determine severity of findings and to ensure proper remediation is applied
• Provide accurate and timely reporting of findings and proposed remediation/mitigations
• Develop and automate scripts, tools and resources needed to advance ethical hacking capabilities around new and emerging technologies like mobile, cloud and embedded systems
• Active involvement in security research around new and emerging technologies

Qualifications

Basic Qualifications

• Less than 2 years relevant work experience with either Bachelor’s or Master’s degree in Computer Science, Computer Engineering, CIS/MIS, Cybersecurity, Business or a related field, graduating January 2023 - August 2024

Preferred Qualifications 

• Understanding of OWASP Top 10 and SANS Top 25 web application and network vulnerabilities
• Understanding of cryptographic concepts and applied cryptography (SSL, AES, etc.)
• Understanding and experience in using CVSSv3.0/3.1
• Proficiency in one or more scripting language – Perl, Python, Shell Scripting, etc.
• Proficiency in one or more high level programming languages like Java, C, C++, Ruby, etc.
• Expertise and experience in web application or API penetration testing is a plus
• Understanding of OSI and TCP stack with emphasis on  computer architecture and networking protocols
• Knowledge of web application technologies and layer 7 protocols like HTTP, DHCP, DNS, FTP, etc.
• Good understanding of networking concepts around Ethernet, switched LAN and WAN environment
• Familiarity with security tools & frameworks like Burp Suite Professional, Nmap, Nessus, Kali is a plus
• Strong problem solving and analytical skills
• Strong communications skills, specifically, the absence of repeated grammatical or typographical errors, clear and concise written and spoken communications, and communications that demonstrate professional judgment. 
• The ability to take on challenges and address problems head-on 
• Strong ability to collaborate 
• Highly driven, resourceful and results oriented 
• Good team player and excellent interpersonal skills 
• Good analytical and problem-solving skills 
• Demonstrated ability to lead and navigate through ambiguity