Cybersecurity Analyst - Senior Consultant - Red Team

Summary

Join Visa's Red Team as a security expert, proactively identifying and mitigating vulnerabilities in our systems. You will conduct ethical hacking exercises, both internally and externally, to simulate real-world threats. Responsibilities include designing and developing security tools, analyzing vulnerabilities, and reporting findings to executive management. This remote position requires extensive experience in ethical hacking, penetration testing, and various security technologies. You will work collaboratively with other teams to improve Visa's security posture and contribute to the overall security strategy. Visa offers a competitive salary and a comprehensive benefits package.

Requirements

8+ years of relevant work experience with a Bachelor’s Degree or at least 5 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD, OR 11+ years of relevant work experience

Responsibilities

• Conduct high risk and sensitive ethical hacks of internally and externally hosted applications globally according to scope defined by Red Team
• Co-ordinate and execute system/network level advanced Red Team and ethical hacking exercises
• Design and develop scripts, frameworks, and tools required for facilitating and executing complex undetectable attacks
• Reviews results of network and application ethical hacks to determine severity of findings and to ensure proper remedies are applied
• Performs penetration and remediation testing and reporting through the application of expert ethical hacking and penetration techniques in a fast-paced, highly technical environment. Identify network and system vulnerabilities and provide recommended counter measures or mitigating controls to reduce risk to an acceptable and manageable level
• Provide accurate and timely reporting of findings and proposed remediation and mitigations
• Coordinate Red team operational briefings and presentations to non-technical audience and executive management, as required
• Provide technical support to Business Leader in identifying and streamlining new/existing protocols and tools used by the Red Team
• Technical support could include, but not limited to the following: (1) Audit support & remediation, (2) Process Improvement, (3) Analysis & Reporting, (4) Cross Divisional Functional education, training and awareness, (5) Function/Methodology/Strategy advancement
• Define and develop agenda for training and educating security professionals on advanced exploits, tools, and frameworks
• Perform research of emerging technologies and design frameworks and capabilities required to perform Red Team exercises of new technologies adopted by Visa

Preferred Qualifications

• 9 or more years of relevant work experience with a Bachelor Degree or 7 or more relevant years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 3 or more years of experience with a PhD
• Expertise performing advanced exploitation and post-exploitation attacks as part of ethical hacking exercises
• Prior experience or expertise performing Red Team exercises
• Experience in writing proof-of-concept exploits and creating custom payloads and modules for common ethical hacking frameworks and tools
• Well versed in system exploits (e.g. Buffer Overflows, PTH attacks, windows authentication framework etc.), custom payload development, or web application exploitation
• Well versed with security tools & frameworks like Metasploit, Cobalt Strike, Mythic, etc
• Extensive understanding of cryptographic concepts and applied cryptography
• Proficiency in one or more scripting language. E.g. Perl, Python, Shell Scripting etc
• Prior experience with exploit development or writing system modules in C & C++, a major advantage. Knowledge of high-level programming languages a bonus
• Prior experience with reverse engineering, malware analysis, and forensic tools will be an added advantage
• Experience leveraging AI to improve Red Team capabilities during exercises
• Good interpersonal, facilitation, and demonstrated emerging leadership skills
• Able to operate at an advanced level of written and spoken communication. Write and speak effectively with impact
• Good understanding of Ethernet, switched LAN and WAN environment and detailed understanding of layer 3 and layer 4 specifications, including IP, TCP, TCP/IP routing protocols and management of ACLs
• Knowledge of logical / physical access control methods, connections alternatives using private, public and wireless solutions, Network/Host Intrusion Detection Engines, Vulnerability Management Tools, Patch Management Tools, Penetration Testing Tools, Anti-Virus/Anti-Spyware solutions
• Conducts complex analytical functions by performing security assessments and ethical hacks of high-risk sensitive applications

Benefits

• Medical
• Dental
• Vision
• 401(k)
• FSA/HSA
• Life Insurance
• Paid Time Off
• Wellness Program
• Bonus
• Equity
• Remote work