Cybersecurity Analyst - Mobile Mac Security

The Mobile & Mac Security (MMS) team is looking for a talented Cybersecurity Analyst to join our team in Singapore and ensure the highest security standards for our Mobile and Mac consumer and corporate products and services.

Who are we

The Mobile & Mac Security (MMS) team part of the overall Cybersecurity department at Visa Inc. operates as a flexible and fastpaced team very similarly to a mini startup within our overall organization. We aim to excel at Whitehat hacking skills to keep our organization secure... and have fun doing it!

Who are we looking for

We value diversity within our team and believe that its who you are and what you do that will make us a better and stronger team. We always cherish differences of opinion and aim to learn from every team member no matter their level or experience in our daytoday activities.

We care about you what drives you your motivation and your desire to perform within our team more than any certification or diploma you may have. Those values will be essential focus points for us during the interview so dont hesitate to tell us more about them!

Remember we hire humans not robots (at least not yet)!

The classic stuff that you should read:

As a member of Visas MMS team youll join a dynamic team in order to help:

• Help develop maintain support and innovate on various internal Cybersecurity tools we leverage on a daily basis.

• Perform ethical penetration testing on various Visa mobile and Mac assets to simulate reallife security vulnerabilities and scenarios.

• Execute successful adaptation of mobile and Mac security assurance across Visa.

• Identify weaknesses and shortcomings in Visas existing security posture of various products and recommend and enhance all necessary controls to effectively protect Visa assets and services from intentional or inadvertent modification.

• Help build foundational application security capabilities.

• Develop automated tools and scripts to optimize various testing process and flows.

Essential Functions:

• Create mobile security guidelines requirements and standards for mobile product development as well as enterprise mobile deployment and proactively mitigate risks associated with information security.

• Analyze security gaps in mobile technologies and frameworks that lack standard validation methodologies and incorporate remediation practices to reduce risk posture of Visa products and assets.

• Develop tools and frameworks required performing advanced and complex mobile security assurance and ethical hacking activities.

• Research on mobile platform releases capabilities and functionalities to understand and establish mobile security standards.

• Define implement and scale consistent mobile security practices for all Visa technology projects throughout the planning and delivery cycles that assure that investments in IT generate business value and mitigate the risks associated with information security.

• Integrate architectural risk assessment and threat modeling of largescale enterprise applications and infrastructure into Software Development Lifecycle to identify and reduce risk associated with information security in a timely manner.

• Ensure endtoend security of Visa products by means of handsontesting threat hypothesis risk remediation advises and championing secure implementation efforts.

• Improve secure coding practices application security requirements automation training and metrics.

• Build strong crossorganizational relationships and effectively influence staff across the IT organization and broader enterprise.

• Collaborate with product development and solution teams proactively to manage software security risk aligned with business goals.

• Collaborate with product and solution teams to achieve Global Information Security software security program objectives.

• Define a simplified security metrics approach that enables executive leaders line leader and operational staff to quickly act on application security related risks.

• Collaborate with all internal and thirdparty application development teams to define an enterprise set of reasonable security controls that will protect company brand from real or perceived security breaches.

• Build secure products and standards around emerging technologies and fields lacking existing standards and security practices.

• In addition develop and optimize processes to improve software development efficiency in the consumption of security development practices. Utilizes graduatelevel research and analysis skills.

This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office 23 set days a week (determined by leadership/site) with a general guidepost of being in the office 50% or more of the time based on business needs.

Qualifications :

Basic Qualifications:
2 years of relevant work experience and a Bachelors degree OR 5 years of relevant work experience

Preferred Qualifications:
3 or more years of work experience with a Bachelors Degree or more than 2 years of work experience with an Advanced Degree (e.g. Masters MBA JD MD)
23 years minimum of professional experience in a Cybersecurityrelated field.
Strong experience with one or more of the following programming languages: Node Python Java Swift and ObjectiveC strongly preferred.
MUST have deep understanding of OWASP Top 10 and CWE 25. Proven track record and experience in implementing and integrating remediation strategies.
MUST understand the basics of a mobile application and platform security concepts. Deep understanding of those platforms and advanced concepts related to SDKs and mobile wallets preferred.
Excellent penetration testing application risk assessment and risk categorization skills including but not limited to reverseengineering network interception and manipulation offensive and defensive attacks as well as database and crosssite scripting injection attacks.
Deep understanding of web applications common architectures development frameworks and web protocols.
Candidates with experience in the following tools/technologies should apply and are strongly preferred: Burp Suite IDA pro APKTool Hopper HP Fortify CheckMarx (Sast/Dast) Cycript XPosed Charles dex2jar Kali Linux Wireshark or any mobile security and/or penetration testing tools or frameworks.
Candidates should be familiar with the agile development process and have experience integrating secure development practices into the model efficiently.
MUST be a highly effective communicator and able to write with proper grammar.
Solid problem solving and analytical skills. Able to quickly digest any issue/problem encountered and recommend an appropriate solution.
Selfmotivated and able to work independently.
Demonstrated leadership qualities flexibility adaptability to changes in roles and responsibility as required.
Excellent operational skills. Quality and results oriented.
Strategic thinker visionary and innovative
Bi/multilingual a plus.
Strong client service orientation.
Able to negotiate and bring consensus to diverse priorities of product development and solution teams.
Comfortable with a remote management dynamic.

Additional Information :

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race color religion sex national origin sexual orientation gender identity disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Remote Work :

No

Employment Type :

Fulltime