Associate Cybersecurity Analyst - Third Party Technology Risk Management

Company Description

Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid.

Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.

Job Description

Visa is looking for a candidate to join its Cybersecurity 3rd Party Technology Risk Management (3PTRM) team as an Associate Cybersecurity Analyst, which works with several stakeholders to ensure appropriate processes, procedures, and controls are adequately designed and implemented to meet Visa security requirements and mitigate any risks that are associated with engagement of third parties. The Analyst will work closely with Supplier Relationship Owners (SROs) and other Cybersecurity teams such as penetration testers, security architects, etc. to assess and monitor third parties that do business with Visa. The role requires the candidate to have strong analytical, communication, and organizational skills, as well as a solid understanding of cybersecurity concepts and best practices.

Essential Functions

• Perform risk/security assessments of Suppliers and Third-Party relationships to identify, validate and remediate risks Cybersecurity Risks. This may include performing interviews, document design assessments and walkthroughs of cybersecurity controls.
• Support ongoing monitoring of Suppliers and Third Party to review compliance against compliance and regulatory requirements.
• Participate and conduct onsite assessments of Third Parties against Visa’s security framework and industry security standards. Support risk/security assessments for special projects involving Third Parties.
• Support PCI-related activities relevant to third parties to ensure compliance with PCI requirements.
• Exhibit pragmatism in formulating process remediation and implementation strategies, defining work tracks, and submitting assessment findings and recommendations.
• Proactively follow-up with Suppliers to ensure prompt remedial actions for assessment findings.

This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager.

Qualifications

Basic Qualifications:

• Bachelor’s degree, OR 3+ years of relevant work experience.

Preferred Qualifications:

• Bachelor’s degree in Computer Science, Information Systems, Engineering, or
• related field, or equivalent work experience.
• Minimum of 1 years of experience in cybersecurity, IT audit, or IT risk
• management.
• Experience in cybersecurity, IT audit, risk management, compliance, or related
• fields.
• Knowledge of cybersecurity frameworks and standards such as NIST, ISO, PCI,
• etc.
• Proficiency in at least one scripting/programming language (e.g., Python, Java, JavaScript/TypeScript).
• Generative AI: Proven experience in developing solutions using Large Language Models and AI frameworks such as LangChain, Hugging Face, or OpenAI.
• Agentic AI: Experience with the concepts and practical applications of agentic AI or autonomous AI agents is highly desirable.
• Strong written and verbal communication skills, and ability to communicate
• effectively with technical and non-technical audiences.
• Ability to work independently and collaboratively in a fast-paced environment.
• Certifications such as CISSP, CISA, CISM, CRISC, or equivalent are preferred.

Additional Information

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.