Cybersecurity Engineer, M&A Automation
About the position Cybersecurity is at the beating heart of our culture. Our diligence and expertise is what makes us the undisputed leader in electronic payments. We’ve made it our priority to create a top-tier Cybersecurity team, poised to defend us against any potential cyber threats. We’re looking for those of you who are inherently driven and fascinated by the art and science of cybersecurity and more specifically, mergers and acquisitions with a specific focus on Cybersecurity integration. We’ll equip you with the very best tools and tech so that you can deliver top notch results. Continuous self-development underpins job fulfilment at Visa. As a Cybersecurity Engineer within the Cybersecurity M&A Team, you are uniquely placed to utilize and grow your engineering and defense skills across a myriad of security technologies. Your role will cover: Cyber Engineering: · Deploy and maintain security infrastructure: IDS, FIM, WAF, SASE, firewalls, web proxies, vulnerability scanners · Implement cloud security controls and automate security workflows · Develop SIEM correlation rules, dashboards, and alerts to detect cyber-attacks · Manage IAM solutions including Active Directory, SSO, and MFA · Apply expertise in network protocols and DDoS mitigation · Collaborate across cybersecurity and engineering teams to meet business requirements Cyber Defense and Incident Response: · Monitor and triage security alerts via SIEM, escalating and documenting incidents per operational procedures · Analyze sensor data (AV, IDS, Windows events, web proxy logs) to establish context and eliminate false positives · Contain and mitigate threats using approved incident response methodologies · Support time-critical investigations and collaborate with cross-functional teams · Operationalize threat intelligence from internal and external sources · Identify emerging threats, trends, and technologies impacting business security · Provide feedback to enhance detection capabilities and security posture · Respond to security incident reports via multiple communication channels This is a hybrid position. Expectation of days in office will be confirmed by your Hiring Manager.
Responsibilities
- Deploy and maintain security infrastructure: IDS, FIM, WAF, SASE, firewalls, web proxies, vulnerability scanners
- Implement cloud security controls and automate security workflows
- Develop SIEM correlation rules, dashboards, and alerts to detect cyber-attacks
- Manage IAM solutions including Active Directory, SSO, and MFA
- Apply expertise in network protocols and DDoS mitigation
- Collaborate across cybersecurity and engineering teams to meet business requirements
- Monitor and triage security alerts via SIEM, escalating and documenting incidents per operational procedures
- Analyze sensor data (AV, IDS, Windows events, web proxy logs) to establish context and eliminate false positives
- Contain and mitigate threats using approved incident response methodologies
- Support time-critical investigations and collaborate with cross-functional teams
- Operationalize threat intelligence from internal and external sources
- Identify emerging threats, trends, and technologies impacting business security
- Provide feedback to enhance detection capabilities and security posture
- Respond to security incident reports via multiple communication channels
Requirements
- 2+ years of relevant work experience and a Bachelors degree, OR 5+ years of relevant work experience
Nice-to-haves
- 3 or more years of work experience with a Bachelor’s Degree or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD)
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field
- Cybersecurity certifications (CISSP, CEH, OSCP, GSEC, GCIH, GCIA, GCED, GCFA, CySA+)
- Enterprise-level incident response and security operations experience
- Hands-on cybersecurity incident handling with associated IR tools
- Proficiency with security tools: SIEM, AV, WAF, IDS, Netflow, packet analyzers, EDR
- Deep knowledge of malware families and network attack vectors
- Strong TCP/IP, networking, and packet analysis skills
- Operating systems, network services, and application security knowledge
- Web application vulnerabilities (XSS, CSRF, SQL injection, DoS, API attacks)
- OWASP Top 10 and DDoS mitigation strategies
- Cloud security best practices and multi-tenant SaaS environments
- Regulatory framework knowledge (PCI DSS, ISO27001, ISAE3402)
- DevSecOps, CI/CD, containerization, and automation experience
- Strong interest and experience in AI/ML for cybersecurity applications (professional, academic, or personal projects)
- Programming and scripting proficiency for security automation
- Familiarity with machine learning algorithms, frameworks, and AI models in security contexts
- Experience with LLMs for threat analysis, automation, or security workflows (preferred)
- Exceptional problem-solving abilities with tenacity and resilience
- Strong communication and presentation skills across diverse audiences
- Leadership and interpersonal skills to build credibility and influence peers
Apply tot his job Apply To this Job