Job
Description
Visa is looking for a candidate to join its Cybersecurity 3rd Party Technology Risk Management (3PTRM) team as an Associate Cybersecurity Analyst, which works with several stakeholders to ensure appropriate processes, procedures, and controls are adequately designed and implemented to meet Visa security requirements and mitigate any risks that are associated with engagement of third parties. The Analyst will work closely with Supplier Relationship Owners (SROs) and other Cybersecurity teams such as penetration testers, security architects, etc to assess and monitor third parties that do business with Visa. The role requires the candidate to have strong analytical, communication, and organizational skills, as we'll as a solid understanding of cybersecurity concepts and best practices. Essential Functions: Perform risk/security assessments of Suppliers and Third-Party relationships to identify, validate and remediate risks Cybersecurity Risks. This may include performing interviews, document design assessments and walkthroughs of cybersecurity controls. Support ongoing monitoring of Suppliers and Third Party to review compliance against compliance and regulatory requirements. Participate and conduct onsite assessments of Third Parties against Visa s security framework and industry security standards. Support risk/security assessments for special projects involving Third Parties. Support PCI-related activities relevant to third parties to ensure compliance with PCI requirements. Exhibit pragmatism in formulating process remediation and implementation strategies, defining work tracks, and submitting assessment findings and recommendations. Proactively follow-up with Suppliers to ensure prompt remedial actions for assessment findings. Basic Qualifications: Bachelors degree, OR 3+ years of relevant work experience Preferred Qualifications: 2 or more years of work experience. Bachelor s degree in Computer Science, Information Systems, Engineering, or related field, or equivalent work experience. Minimum of 1 years of experience in cybersecurity, IT audit, or IT risk management. Experience in cybersecurity, IT audit, risk management, compliance, or related fields. Knowledge of cybersecurity frameworks and standards such as NIST, ISO, PCI, etc. Strong written and verbal communication skills, and ability to communicate effectively with technical and non-technical audiences. Ability to work independently and collaboratively in a fast-paced environment. Certifications such as CISSP, CISA, CISM, CRISC, or equivalent are preferred.
