Sr. Cybersecurity Analyst

We are seeking a Cybersecurity Software Engineer to join our Center of Excellence within the Cybersecurity & Risk team. This role will lead strategic initiatives in application security, vulnerability remediation, and compliance exception handling. You’ll collaborate across engineering, infrastructure, and product teams to drive secure development practices and ensure alignment with Visa’s global security standards.

Responsibilities:

Security Compliance & Shift-Left Execution

• Ensure timely closure of security findings within Required Remediation Dates (RRD)
• Manage exception workflows aligned with internal governance and external standards (e.g., PCI DSS V4)
• Identify compliance gaps and drive shift-left strategies to reduce recurring issues
• Partner with Cybersecurity SMEs and development teams to validate remediation plans and escalate overdue items
• Support automation and tooling enhancements for compliance tracking and reporting

IAM Control Enforcement

• Coordinate enforcement of IAM controls (e.g., unapproved access, rogue violations, password rotation, SSH key hygiene)
• Track unresolved findings and collaborate with platform teams to resolve blockers
• Ensure consistent application of IAM standards across CMS and other Technology Leadership Teams (TLTs)

Security Exception Management

• Oversee the lifecycle of exception requests across platforms and services
• Validate remediation plans and monitor expiration timelines

Vulnerability Remediation

• Lead resolution of high-priority findings (e.g., insecure configurations, deprecated protocols, exposed secrets)
• Coordinate with tooling teams to purge sensitive data and close findings

Security Testing Automation

• Drive automation of Dynamic Application Security Testing (DAST) using tools like Burp Suite Enterprise
• Integrate security scanning into CI/CD pipelines for scalable deployments

Developer Enablement

• Organize workshops and forums on container security, IAM, secure architecture, and security best practices
• Promote adoption of developer-friendly security tools for code hygiene and reachability analysis

Cross-Functional Leadership

• Act as a central point of contact for technical debt resolution and exception tracking
• Ensure continuity through backup coverage and support during team transitions

Exception & UAR Management

• Monitor exception volumes and identify opportunities to shift-left.
• Manage User Access Revalidation (UAR) completion within TLT.
• TLT Forum Engagement Represent CMS in TLT Cybersecurity SME forums and IAM / TLT Bi-weekly meetings.

Dashboard & Tooling Oversight

• Validate data in Cyber Security dashboards and ensure CMS metrics are accurately reflected.
• Advocate for necessary improvements to reduce false positives and improve remediation accuracy.

This is a hybrid position. Expectations of days in the office will be confirmed by your Hiring Manager.

Visa is not offering relocation assistance for this role.