Develop, support, tune, and deploy security solutions with primary job duties involving:
- Web Application Security: Engineering, deployment, and operations of security solutions, as well as integration with other solutions as required.
- Logging, Monitoring, Alerting, Blocking: Enrolling web properties and application log sources, administration, content development, and working with our customers/stakeholders across the globe. Working with on-premise and cloud-based products such as Imperva WAF, Akamai, CloudFlare, Splunk, ArcSight, ELK Stack, IBM QRadar, and Sumologic.
- Security Software Development: Scripting and development in python, shell, and other development in other languages.
4 years of work experience with a Bachelor’s Degree or at least 2 years of work experience with an Advanced degree (e.g. Masters, MBA, JD, MD) or 0 years of work experience with a PhD degree
Over 6 years of experience in Cybersecurity space
- Well versed in python, Perl, and/or shell scripting. Development experience in C++, Java, Java Script is a plus
- Well versed in using regular expressions for the development of signature based policy rules
- API integration experience especially with the aforementioned commercial and open source products
Web and Application Security:
- Extensive experience and expertise with Web Application Firewall management and policy rules combined with knowledge of process and workflow
- Expertise with Cloud-based log aggregation, correlation, and alerting using commercial and open source tools
- Strong knowledge of open source and commercial application security tools and frameworks, including but not limited to Kali related web application testing tools
- Experience in exploiting web apps and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks.
- Excellent understanding of the Top 10 OWASP threats
- Excellent understanding of common network and web protocols
- Excellent understanding of DDoS techniques and mitigation mechanisms
- Well versed in system exploits (e.g. Buffer Overflows, PTH attacks, windows authentication framework etc.)
- Knowledge of secure software development life cycle
Educational, Certifications and Other:
- Excellent communication skills
- Excellent team player
- CISSP, SANS GPEN, SANS GXPN, SANS GIAC, SANS GREM, AWS Security (at least some of these)
- OSCP (Offensive Security Certified Professional ) is a plus
- Bachelor’s degree in engineering, computer science, information security, or information systems
· Incumbent must make themselves available during core business hours.
- This position requires the incumbent to travel for work 10% of the time.
· This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds.
Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
Visa Inc. (NYSE: V) is the world’s leader in digital payments. Our mission is to connect the world through the most innovative, reliable and secure payment network - enabling individuals, businesses and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company’s relentless focus on innovation is a catalyst for the rapid growth of connected commerce on any device, and a driving force behind the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce.