Information Security Manager

Summary

Join Visa, a global leader in payments and technology, as a Security professional. Lead and maintain compliance with SOC2 and ISO 27001 standards. Perform threat modeling, security architecture design reviews, and respond to audits. Provide security guidance to engineering and operational teams. Contribute to Visa's security policies and improve existing frameworks. Lead security initiatives and due diligence activities. This is a remote position.

Requirements

5+ years of relevant work experience with a Bachelor’s Degree

Responsibilities

• Lead and maintain compliance with SOC2 and ISO 27001
• Perform threat modelling, and security architecture design reviews on the entity’s applications/infrastructure and provide guidance on effective countermeasures
• Respond to audit and client assurance questionnaires and perform security due diligence of suppliers
• Be a subject matter expert and provide security guidance and recommendations to engineering and operational teams
• Contribute to Visa’s security policies, standards, and guidelines related to Information security
• Improve existing frameworks, processes, methodologies related to due diligence and integration of entities
• Lead security initiatives, due diligence and integration activities with Visa
• Understand the broad regulatory landscape affecting Visa business areas; remain current with emerging regulatory sentiments as well as solution trends in the marketplace

Preferred Qualifications

• 6 or more years of work experience with a Bachelor's degree in computer science, information technology, or related disciplines
• Experience with SOC2 Type 2, ISO 27001, PCI , SWIFT CSP
• Hands on experience performing Security Architecture reviews / Threat Modelling
• Experience working in banking or highly regulated financial institutions
• Strong knowledge of Secure Software Development Lifecycle methodologies
• Experience working on large scale cloud-based services and understanding of security challenges in deploying Cloud Applications
• Industry standard certifications like CISSP, SABSA, OSCP, CISM
• Strong written and oral communication skills to document reports on assessments and communicate potential weaknesses to the IT team or management
• Experience supporting M&A activities is a plus

Benefits

This is a remote position