Information Security Analyst jobs in United Kingdom

Cybersecurity is at the heart of our culture. Our diligence and expertise are what makes us the undisputed leader in electronic payments. We’ve made it our priority to create a top-tier Security Architecture team, poised to defend us against any potential cyber threats.

We are seeking a talented and motivated Cybersecurity Analyst to join our security architecture and engineering team. The successful candidate will work closely with senior security architect consultants to assess, implement, and improve security controls for Visa’s applications, APIs, cloud environments, and development pipelines including GenAI services.

This role is hands-on, requiring good coding skills, familiarity with modern cloud platforms, and practical experience with Generative AI (GenAI) technologies. You will contribute to threat modelling, security reviews, and the integration of security best practices for all services and systems reviewed.

Essential Functions:

• Support security architecture reviews for web, API, and backend applications, working alongside senior security staff.
• Assist in security assessments during the development lifecycle, including contributing to scoping discussions, performing threat modelling, and participating in peer reviews.
• Help implement security controls within application frameworks, ensuring alignment with Visa’s security standards.
• Contribute to the identification and analysis of application on prem and cloud security vulnerabilities, recommending appropriate mitigations.
• Apply coding skills to review source code where applicable, develop proof-of-concept security tools or scripts, and automate security checks.
• Support security evaluations and help monitor ongoing security advisories.
• Gain experience in the security implications of infrastructure as code (IaC) technologies (Terraform, Ansible, AWS CloudFormation) and CI/CD pipelines.
• Assist in the security review of AI/ML and GenAI-related services, including prompt injection risks, data privacy, and model security controls.
• Stay informed about current and emerging cybersecurity threats, security testing tools, and AI-driven security solutions.
• Collaborate with cross-functional and geographically distributed teams to ensure security requirements are understood and implemented.
• Help maintain and update security documentation, technical guidelines, and reference architectures.

This is a hybrid position. Expectation of days in office will be confirmed by your Hiring Manager.

Basic Qualifications:

• Demonstrable coding skills in at least one modern language (Python, Java, Go, or similar).
• Practical experience working with Generative AI (GenAI) technologies or AI/ML systems, with the ability to explain key security considerations, risks, and basic control approaches for AI-driven systems. (Deep implementation expertise not required at this level, but a strong foundational understanding is essential).
• Working knowledge of cloud platforms (AWS, Azure, GCP) and common security patterns for cloud-native applications.
• Familiarity with security principles for on-premise network, application security and cloud environments.
• Understanding of threat modelling and vulnerability assessment processes.
• Awareness of common security standards and frameworks (PCI-DSS, NIST, ISO 27001).

Preferred Qualifications:

• Exposure to security controls in GenAI platforms (e.g., LLMs, AI/ML pipelines).
• Exposure to container technologies (Docker, Kubernetes) and associated security tools.
• Familiarity with DevOps practices and security automation.
• Experience with vulnerability management solutions.
• Awareness of regulatory and compliance requirements relevant to the payments industry (e.g., PCI, GDPR).

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.