Friday, November 25, 2011

Sr. Info. Security Analyst - Cyber Threat Modeling Analyst Visa - San Mateo


Job Description

Cyber Threat Modeling Analyst
Visa Inc. is a global payments technology company that connects consumers, businesses, financial institutions and governments in more than 200 countries and territories, enabling them to use digital currency instead of cash and checks.

Visa does not issue cards, extend credit or set rates and fees for consumers. Visa's innovations enable its bank customers to offer consumers choices: Pay now with debit, ahead of time with prepaid or later with credit products. From the world's major cities to remote areas without banks, people are increasingly relying on digital currency along with mobile technology to use their money anytime, make purchases online, transfer funds and access basic financial services. All of which makes their lives easier and helps grow economies.

Behind the Visa brand are more than 5,000 talented employees who continuously raise the bar with innovative solutions and products that deliver the convenience and security of digital currency to more people all over the world.

Overview:

Join a growing, fast-paced and high-performance Cyber Security team. Information security is an integral part of Visa’s corporate culture. It is essential to maintaining our position as an industry leader in electronic payments, and it is the responsibility of each and every employee to safeguard information, protect it from unauthorized access, and ensure regulatory compliance. Information security has a significant effect on privacy, consumer confidence, external reputation, and/or the bottom line, and it is a priority on everyone’s agenda.

The successful candidate will work in the vulnerability management program and will periodically assess the infrastructure and track internal and external threats and vulnerabilities and apply appropriate risk-ratings to prioritize remediation to ensure Visa is appropriately protected and to continuously add value for our clients. This role will coordinate with IT Ops & Eng and business personnel to ensure remediation solutions are identified, tested and made available to all groups responsible for vulnerability remediation; and works on improving business vulnerability remediation processes.

Responsibilities:

The candidate will:
· Should have strong technical security skills with hands-on experience.
Implement under the direction of the team leader the recently updated enterprise-wide strategy for the Vulnerability Management Program with emphasis on creating a mature program with established key initiatives/projects focused on the reduction of technology risk within Visa.
Conduct continuous security assessments on network, application, and infrastructure components; conduct causal analysis and work across IT and business teams to develop solutions that address root causes.
Enhance existing vulnerability management tools and processes to extend coverage, increase effectiveness and expand capabilities.
Work with diverse IT and business teams to remediate identified vulnerabilities in a risk prioritized, effective and efficient fashion.
Conduct continuous analysis of security threat information (viruses, malicious code, industry events, hackers and zero day exploits, OEM weaknesses, IDS/IPS and SIEM alerting, etc.) in order to proactively assess and investigate emerging threats and potential impact to Visa.
Coordinate technical aspects of threat response and internal investigations in support of Audit, Legal, Human Resources, Corporate Security and Executives.
Lead the development of a data model and data architecture to support the Vulnerability Management Program; devise and implement key risk indicators, metrics and reporting across all threat vectors with the goal of identifying current threats and Visa’s ability to defend against those threats.
· Assist the various Information Security teams such as the Investigations and Forensics team with quality research and assistance in solving complex cases. Assist the Cyber teams by Identifying, recording and managing host- and network-based indicators of compromise (IOCs)
· Interact and assist other investigative teams within Visa (e.g. risk) on time sensitive, critical investigations
· Ability to effectively identify, evaluate and communicate new and ongoing security threats to senior management

Qualifications:
Bachelors Degree in Computer Science (or related field) or equivalent work experience
5 to 8 years of experience in Information Security with experience in vulnerability management, pen testing or other security scanning.
Familiar with Vulnerability Management tools such as nCircle IP360, Qualys QualysGuard, McAfee Foundstone, Tenable Nessus, etc.
Extensive knowledge and experience with diverse IT architectures and enterprise IT data centers, large scale transaction processing environments, external hosted services and cloud computing environments. Extensive knowledge and experience with physical and virtual server configurations and implementations.
Extensive experience working with perimeter technologies (e.g., router, firewalls, web proxies and intrusion prevention, etc.) and vulnerability management tools (i.e. vulnerability scanners, file integrity monitoring, configuration monitoring, etc.).
Extensive knowledge of configuration management, change control/problem management integration, risk assessment and acceptance, exception management and security baselines (e.g. CIS Baselines, NIST, vendor security technical implementation guides, etc.).
Knowledge of and experience with applying Common Weakness Enumeration (CWE), Common Vulnerability Scoring System (CVSS), Common Vulnerabilities and Exposures (CVS and Open Web Application Security Project (OWASP) processes and remediation recommendations.
Strong technical skills and hands on experience assessing threats to and identifying weaknesses in multiple operating system platforms, database and application servers, custom and off the shelf applications, etc.
· Moderate to strong scripting/programming skills and familiarity with ethical hacking beneficial
Must be both a self-starter and team player with the ability to work independently with limited supervision
Excellent writing and verbal communication skills, interpersonal and presentation skills and the proven ability to influence and communicate effectively.
Must be extremely flexible and able to manage multiple tasks and priorities on very tight deadlines.
· Security-related certifications a plus
Apply Now - Resume or CV with Job Post Title
Email: jobs@aarenconsultants.in
Related Posts Plugin for WordPress, Blogger...