Job Details

ID #15257895
State Virginia
City Ashburn
Job type Full-time
Salary USD TBD TBD
Source Visa
Showed 2021-06-08
Date 2021-06-08
Deadline 2021-08-07
Category Et cetera

Incident Response Cyber Security Analyst

Virginia, Ashburn, 20146 Ashburn USA

Vacancy expired!

Job Description

Information security is an integral part of Visa's corporate culture. It is essential to maintaining our position as an industry leader in electronic payments, which is why Visa has made it a priority to create top-tier security operations and incident response teams to defend the company against evolving cyber threats. If you would like to join a company where security is truly valued, where you can work with like-minded peers who are passionate about the art & science of cyber defense, and where you can use state of the art tools for maximum impact, then we have a home for you.

JOB DESCRIPTION

The successful candidate will be responsible for providing frontline cyber incident response services while contributing to operational improvement initiatives. The candidate will join a team of information security analysts in a global security operations center. These analysts are the primary cyber defenders on the frontline protecting Visa networks and systems. The team is part of a larger cybersecurity organization, located across multiple geographic sites, that is responsible for the comprehensive cyber defense of Visa and its subsidiaries.

ESSENTIAL FUNCTIONS:

  • Monitor information security alerts through the use of a Security Information and Event Manager (SIEM) to triage, mitigate, and escalate issues as needed while capturing essential details and artifacts
  • Utilize sensor data and correlated logs containing IDS/IPS, AV, Windows events, web proxy, and similar data to establish context and to rule-out false positives
  • Follow established incident response playbooks and identify and communicate opportunities for improvement
  • Support cyber incident response actions to ensure proper assessment, containment, mitigation and documentation
  • Mitigate and contain identified threats using approved methodologies when detected. Initiate escalation procedures and incident response processes as defined in operational plans
  • Interact and aid other investigative teams within Visa on time sensitive, critical investigations
  • Participate as part of a close team of technical specialists on coordinated responses and remediation of security incidents
  • Provide feedback to peer teams to enhance the sensor set and improve signature fidelity
  • Contribute to projects that enhance the security posture of the enterprise
  • Identify trends, potential new technologies, and emerging threats which may impact the business
  • Operate and administrate Security Information and Event Management (SIEM) platforms.
  • Utilize common security tools, such as a SIEM, AV, scanners, proxies, WAF (policies, rules, process and workflow), netflow, IDS or forensics tools

Qualifications

BASIC QUALIFICATIONS:

  • 3 years of work experience in security, network, or cyber engineering/computer network defense with a Bachelor’s Degree or an Advanced Degree (e.g. Masters, MBA, JD, MD, or PhD)
  • Demonstrated experience in an enterprise-level incident response team or security operations center. Direct experience handling advanced cyber security incidents and associated incident response toolset

PREFERRED QUALIFICATIONS:

  • Relevant security related certifications a plus: CISSP, GCIA, GSEC, GCIH, GCED, GCFA, GREM
  • Strong analytical skills and an ability to quickly learn and adapt to new technologies
  • Possess functional knowledge and administrative experience on Windows and Unix/Linux Platforms, as well as TCP/IP, networks (including firewalls, routers, and ACLs)
  • Strong working knowledge of malware analysis in its varying forms (including network attack vectors and YARA RegEx), common delivery mechanisms, and common mitigation steps
  • Ability to communicate and collaborate effectively with both technical and non-technical team members in a geographic/culturally diverse, fast-paced workforce.
  • Proven subject matter ability in relevant areas, such as incident response, intrusion analysis, incident handling, malware analysis, web security or security engineering and cloud security incident handling/best practices.

Additional Information

Work Hours

  • Incumbent must make themselves available during core business hours.

Travel Requirements

  • This position requires the incumbent to travel for work less than 5% of the time.

Mental/Physical Requirements

  • This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

All your information will be kept confidential according to EEO guidelines.
