The role will work as a member of the Global Cybersecurity organisation - Security Architecture team, which is focused on improving technology and architecture decision-making through collaboration with management, staff and customers on technology strategy, enterprise architecture, and investments in strategic security technology.
The individual, with a broad cybersecurity plus systems and network architecture knowledge and experience, will deliver security assessments while supporting our direction, lifecycle management and leadership for security architecture and technology. The individual will perform a key role in Security assessments while supporting various critical initiatives through the identification, analysis, evaluation, lifecycle management and adoption of security architectures and technologies. The Security Architect will work closely with other security functions and will provide guidance to ensure that there is coordination with their activities in technology choices. In addition, the Security Architect will be involved with education and mentorship, supporting the delivery framework, development of technical architecture and associated documentation, as well as advanced topics of research.
- Be a product security champion by driving Security Architecture and Design, implementation and optimization for Web, API and Mobile backend applications across Visa
- Providing advanced security architecture designing and solutions based on Industry best standards and Cloud alliance guidelines and support for critical systems and services including application and security infrastructure on-prem and cloud
- Coordinates with various teams to ensure security controls and services are configured with the correct posture to support business requirements based on Visa TSRs and Key controls
- Continuous monitoring and improvement on the IT and Cloud Infrastructure based on changing business needs
- Support and accelerate scalability, reliability, and performance improvement in the Visa Security Posture
- Assist in maintaining strong oversight with cloud computing solution to safeguard against undue risk presented by external entities
- In particular, manage the strategic relationship with key security vendors in the Cloud and IT area
- Work with different internal Visa teams and assist in Cloud Security assessment lanes such as Vulnerability Mgmt., Network Teams, OS teams, Pen testing
- Understand urgency and security risk and respond to critical vulnerabilities and data exposures
- Applying security design principles to develop security solutions architectures
- Engage in the initial requirements definition including analysis of threats and risks and alignment with Visa security, Engineering, IT and Architecture standards
- Conduct and facilitate security reviews, threat modelling including deep design reviews throughout the development lifecycle
- Facilitate "table-top"/red-team/scenario analysis exercises in conjunction with other SME's; and plan the resolution of any identified vulnerabilities/issues.
- Identify and analyse system and application level vulnerabilities to provide recommended counter measures or mitigating controls that reduce risk to an acceptable and manageable level
- Bachelor’s Degree in Computer Science or related field
- Minimum 4-7 years’ experience in developing baseline security control requirements, security policies/procedures & risk management program.
- Must have minimum 1 year of hands-on experience in building and designing cloud solutions from Cloud Security Providers like AWS, GCP and Azure
- Flexible, adaptable, and able to manage multiple tasks in a dynamic, fast-paced environment.
- Ability to communicate complex technical concepts effectively.
- Ability to convey security concepts to both technical and non-technical audiences
- Experience in performing threat-modelling of complex systems
- Experience in designing, building, and maintaining scalable cloud and Network infrastructure and applications.
- Working knowledge of IP Networking, Routing, Switching, VPNs, DNS, and Load balancing.
- Ability to assess networking security policies with various firewalls features supported by CSPs.
- Develop standards, policies and procedures as well as best practices documentation for Cloud deployments
- Translate security and technical requirements into business requirements and communicate security risks to different audiences ranging from business leaders to engineers.
- Automate security controls, data and processes to provide better metrics and operational support
- Prefer CISSP and/or Cloud-related certifications
Due to the COVID-19 pandemic and the evolving visa/travel restrictions in place, we are currently only able to extend offers to candidates with the right to work in Singapore. We are keeping the situation under close review and will adjust accordingly should the restrictive measures be lifted.Additional InformationVisa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
Job Number: REF000777W