Wednesday, March 11, 2015

Information Security Specialist

Title –  Information Security Specialist
Location – CA- Foster City
Duration – 3 months. Possible extension based on performance

Visa Inc. is a global payments technology company that connects consumers, businesses, financial institutions and governments in more than 200 countries and territories, enabling them to use digital currency instead of cash and checks.
Visa does not issue cards, extend credit or set rates and fees for consumers. Visa’s innovations enable its bank customers to offer consumers choices: Pay now with debit, ahead of time with prepaid or later with credit products. From the world’s major cities to remote areas without banks, people are increasingly relying on digital currency along with mobile technology to use their money anytime, make purchases online, transfer funds and access basic financial services. All of which makes their lives easier and helps grow economies. 
Behind the Visa brand are more than 5,000 talented employees who continuously raise the bar with innovative solutions and products that deliver the convenience and security of digital currency to more people all over the world. 


This candidate will join Information Security and will help drive the successful adoption of Secure Software Development Lifecycle practices across Visa’s product development teams and help build foundational application security capabilities.

Help define consistent Secure Software Development Lifecycle practices for all Visa technology projects throughout the planning and delivery cycles that assure that investments in IT generate business value and mitigate the risks associated with information security 
Ensure end-to-end security of Visa products by hands on testing, hypothesizing threats, helping development teams, remediating risks upfront and championing secure implementation efforts 
Improve secure coding practices, application security requirements, automation, training, and metrics. 
Help build secure products and standards around emerging technologies and fields lacking existing standards and security practices 

Undergraduate degree in Computer Science, Electrical Engineering or a related technical discipline; advanced degree preferred. 
Hands on experience with one or more of the following programming languages: Java, JavaScript, C#, C++, PHP and Ruby; Experience in building ENTERPRISE web applications preferred. 
MUST have deep understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies 
Excellent understanding of web applications, web servers, layer 7application technologies, frameworks and protocols with respect to application development and deployment. Experience with struts, spring, or grail framework is a plus. 
Candidates should be familiar with waterfall and agile development processes and have experience integrating secure development practices into both models. Deep knowledge of/experience with the following: 
Agile SDLC processes and PMO reengineering 
Enterprise and application architecture 
SAST, DAST and fuzz testing tools 
Operational knowledge of secure software development life cycle principles from training and requirements gathering to post-implementation operations support. 

Kessler Sebastine
Senior Technical Recruiter  | 425 457 7934
Connect with me on LinkedIn