Associate Cybersecurity Analyst - Penetration Testing

The Associate Cybersecurity Analyst will work as a member of Visa Cybersecuritys Ethical Hacking (Penetration Testing) program. The objective of Visas Penetration Testing program is to proactively identify weaknesses and shortcomings in Visas security posture and recommend necessary controls/procedures to protect Visa from adversarial threats. With this mission in mind Visas Ethical Hacking Team experts are proactively involved in engagements that simulate adversarial threats and attacks in a timely manner.

The Associate Cybersecurity Analyst will be a key contributor for performing internal and external penetration tests of Visa applications and systems. Penetration Test team members also help with design development and recommendation of security solutions to protect Visa proprietary/confidential data and systems. The candidate will also assist with compliance objectives provide guidance/direction for the logical protection of information systems assets to other functional units prepare reports regarding effectiveness of information security adherence and make recommendations for the adoption of new policies and procedures for Visa services.

Essential Functions:

• Conduct high risk and sensitive penetration tests of internally and externally hosted applications globally according to scope defined by the penetration test team

• Subject matter expertise in web application API or network penetration testing

• Proactively research/identify vulnerabilities and provide recommended countermeasures or mitigating controls to reduce risk to an acceptable and manageable level

• Review results of network and application penetration tests in order to determine severity of findings and to ensure proper remediation is applied

• Provide accurate and timely reporting of findings and proposed remediation/mitigations

• Develop and automate scripts tools and resources needed to advance ethical hacking capabilities around new and emerging technologies like mobile cloud and embedded systems

• Active involvement in security research around new and emerging technologies

This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office 23 set days a week (determined by leadership/site) with a general guidepost of being in the office 50% or more of the time based on business needs.

Qualifications :

Basic Qualifications:
Bachelors degree OR 3 years of relevant work experience

Preferred Qualifications:
2 or more years of work experience
2 or more years of work experience and a Bachelors degree (or equivalent) in Computer Science Information Security or related field
Understanding of OWASP Top 10 and SANS Top 25 web application and network vulnerabilities
Understanding of cryptographic concepts and applied cryptography (SSL AES etc.)
Understanding and experience in using CVSSv3.0/3.1
Proficiency in one or more scripting language Perl Python Shell Scripting etc.
Proficiency in one or more high level programming languages like Java C C Ruby etc.
Expertise and experience in web application or API penetration testing is a plus
Understanding of OSI and TCP stack with emphasis on computer architecture and networking protocols
Knowledge of web application technologies and layer 7 protocols like HTTP DHCP DNS FTP etc.
Good understanding of networking concepts around Ethernet switched LAN and WAN environment
Familiarity with security tools & frameworks like Burp Suite Professional Nmap Nessus Kali is a plus
Strong problem solving and analytical skills
Strong verbal and written communication skills
Strong operational skills: quality and results oriented

Additional Information :

Work Hours: Varies upon the needs of the department.

Travel Requirements: This position requires travel 510% of the time.

Mental/Physical Requirements: This position will be performed in an office setting.  The position will require the incumbent to sit and stand at a desk communicate in person and by telephone frequently operate standard office equipment such as telephones and computers.

Visa is an EEO Employer.  Qualified applicants will receive consideration for employment without regard to race color religion sex national origin sexual orientation gender identity disability or protected veteran status.  Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law including the requirements of Article 49 of the San Francisco Police Code.

U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 84600.00 to 119650.00 USD per year which may include potential sales incentive payments (if applicable). Salary may vary depending on jobrelated factors which may include knowledge skills experience and location. In addition this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical Dental Vision 401 (k) FSA/HSA Life Insurance Paid Time Off and Wellness Program.

Remote Work :

No

Employment Type :

Fulltime