**Job Description**

Job Description

This Associate Cybersecurity Analyst position will serve as part of Visa’s Cybersecurity Audit and Compliance (A&C) function within the Cybersecurity Governance Risk and Compliance and M&A Integration (GRC) team, reporting to Director/Sr. Director. This position will provide oversight, coordination, and delivering the activities that support successful internal audits, external audits and compliance, regulatory activities, and external customer/client requests while effectively balancing the individual elements of these activities.

**Essential Functions**

* Support the delivery of successful internal audits, external audits and compliance, regulatory activities, and external customer/client requests
* Assist with validating the ongoing effectiveness of Cybersecurity controls across Visa (both automated and manual), working with a variety of control owners within the Cybersecurity organization, and evaluating control design and standards in a variety of program areas. You will be assessing the security on various platforms and technologies from attacks like:

+ Payment processing platforms, Payment Wallet solutions, Consumer facing applications, COTS products deployed in house,
+ SaaS, PaaS, and IaaS public cloud offerings
+ Mainframe, Linux, Windows, and virtual machines
+ IDS, SIEM, WAF, Firewalls
+ HSMs, Tokenization systems, data encryption solutions
+ APIs, Web technologies,
+ Relational and noSQL databases
+ Access Management solutions
* Stay up to date on new security tools & techniques in the information security space
* Familiarity with regulatory standards that will help Cyber teams to achieve various compliance certifications like PCI, RBI, etc.
* Assist in developing data points into Information Security risk management reporting activities, including dashboards, metrics, and executive reporting content
* Assist in developing dashboards and automate tasks to increase efficiency and reduce redundancy
* Document assessment findings, prepare workpapers, and support assessment conclusions

This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office 2-3 set days a week (determined by leadership/site), with a general guidepost of being in the office 50% or more of the time based on business needs.

**Qualifications**

Basic Qualifications:

* Bachelors degree, OR 3+ years of relevant work experience

Preferred Qualifications:

* 2 or more years of work experience in Information Security, Assurance, Audit, Risk, and/or Compliance

o Open to experience in other relevant fields (e.g., finance, business administration, information technology, etc.) if candidate can demonstrate relevancy to this Information security-based role

* Bachelor’s degree in Computer Science, Information Systems, Management Information Systems, or Business Administration or another related field
* Experience working with multiple individuals on internal and external delivery
* Exceptional communication skills – both written and verbal to support compliance and certification audits
* Must be extremely flexible and able to manage multiple tasks and priorities on very tight deadlines
* Experience in Audit/Compliance/Regulatory discussions and proactive readiness activities in a large global financial institution or a matrix organization
* 1+ years direct participation and experience across common industry security policy areas, including, but not limited to ISO, NIST, COSO, COBIT, PCI, RBI Regulations, SOX, SSAE16/ISAE3402, SOC 2 and others
* Providing ongoing gap analysis of current policies, practices, and procedures as they relate to established guidelines outlined by Industry standards
* Demonstrated ability to create, manage, and share interactive dashboards and reports using Microsoft PowerBI or other data analysis tool.
* Working knowledge in extracting, cleaning, and processing data from various sources including databases, APIs, and flat files
* Familiarity in Risk and Control Self-Assessment activities related to Cybersecurity function
* High level of integrity and professionalism CISSP, CISA, CISM, PCI QSA/ISA Certifications preferred