Title – Information Security Specialist
Location – CA- Foster City
Duration – 3 months. Possible extension based on performance
Visa Inc. is a global payments technology company that connects consumers, businesses, financial institutions and governments in more than 200 countries and territories, enabling them to use digital currency instead of cash and checks.
Visa does not issue cards, extend credit or set rates and fees for consumers. Visa’s innovations enable its bank customers to offer consumers choices: Pay now with debit, ahead of time with prepaid or later with credit products. From the world’s major cities to remote areas without banks, people are increasingly relying on digital currency along with mobile technology to use their money anytime, make purchases online, transfer funds and access basic financial services. All of which makes their lives easier and helps grow economies.
Behind the Visa brand are more than 5,000 talented employees who continuously raise the bar with innovative solutions and products that deliver the convenience and security of digital currency to more people all over the world.
This candidate will join Information Security and will help drive the successful adoption of Secure Software Development Lifecycle practices across Visa’s product development teams and help build foundational application security capabilities.
Help define consistent Secure Software Development Lifecycle practices for all Visa technology projects throughout the planning and delivery cycles that assure that investments in IT generate business value and mitigate the risks associated with information security
Ensure end-to-end security of Visa products by hands on testing, hypothesizing threats, helping development teams, remediating risks upfront and championing secure implementation efforts
Improve secure coding practices, application security requirements, automation, training, and metrics.
Help build secure products and standards around emerging technologies and fields lacking existing standards and security practices
Undergraduate degree in Computer Science, Electrical Engineering or a related technical discipline; advanced degree preferred.
MUST have deep understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies
Excellent understanding of web applications, web servers, layer 7application technologies, frameworks and protocols with respect to application development and deployment. Experience with struts, spring, or grail framework is a plus.
Candidates should be familiar with waterfall and agile development processes and have experience integrating secure development practices into both models. Deep knowledge of/experience with the following:
Agile SDLC processes and PMO reengineering
Enterprise and application architecture
SAST, DAST and fuzz testing tools
Operational knowledge of secure software development life cycle principles from training and requirements gathering to post-implementation operations support.
Senior Technical Recruiter | 425 457 7934
Connect with me on LinkedIn firstname.lastname@example.org