Cybersecurity Threat Response Specialist

Job Opportunity: Network Security Analyst

Company Overview:

Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year.

Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid.

The position requires an in-depth understanding of how logical and physical connectivity issues can affect network and systems security posture and transaction quality.

This is a hybrid position. Employees in hybrid roles are expected to work from the office 2-3 set days a week (determined by leadership/site), with a general guidepost of being in the office 50% or more of the time based on business needs.

The position involves shift work with 9-hour shifts between 7 AM and 7 PM based on the published schedule, to cover work 365 days a year.

• Monitor, analyze, and resolve network/cloud security devices, systems, and tools incidents.
• Troubleshoot issues stemming from configurations on platforms such as firewalls including web application firewalls, proxies, distributed denial of service systems, data labeling and loss systems, and host-based security controls.
• Follow both work instruction playbooks and runbook automations activities. Provide feedback to modify and suggest changes to work instructions for similar impacting events.
• Understand and work within established Service Level Agreements (SLA) to ensure timely response.
• Support and promote Visa's Cybersecurity operation standards and excellence.
• Continuous improvement of core functions expected from Cybersecurity Operations Center.
• Track, update, and resolve all assigned incidents, changes, and problem reports in the incident management system, ensuring that documentation is thorough, accurate, and meets a standard of high quality.
• Follow documented support procedures, managing each issue through resolution or turnover to maintain established service levels.
• Solicit feedback of documented procedures to accurately record resolution and ensure client satisfaction.
• Measure and review work instructions for accuracy of execution and to drive toward objective response and restoration time frames. Review and solicit improvements through second level support groups and peers.
• Maintain and achieve new technical skills through in-house or external trainings by engineering or higher-level support teams.
• Modify and create work instructions or Recipes to prepare for similar impacting events and allow for a quicker response.
• Constantly review work instructions for accuracy and ask for improvements through second level support groups.
• Lead, support, or contribute based on various incident bridges stewardship in support of timely resolution of internal issues.
• Proactively monitor, recognize, analyze, isolate and/or resolve documented hardware and software problems utilizing a variety of hardware and software testing techniques.
• Articulate problem statements with clarity. Consult with L2 support groups or development teams to drive toward long-term restoration and resolution of incidents.
• Responsible for the internal and external communication of issues to management, other internal support groups, customer pages, email broadcasts, or verified phone calls.

1. 3 or more years of work experience with a Bachelor's Degree or 2+ years of work experience.
2. Work experience or training as a Network/Security Operations Engineer, network/security support analyst or experience across multiple technologies such as firewalls including web application firewall, proxies, distributed denial of service systems, data labelling and loss systems.
3. Understanding of network monitoring concepts and management tools. Knowledge of systems, application, and fault monitoring toolsets namely Indeni, Splunk, Moloch, QRadar, Solarwinds, NetCool, or other similar platforms.
4. Functional understanding of packet and protocol from firewall/and other systems through tools such as Wireshark to support troubleshooting activities.
5. Demonstrate knowledge of native cloud-based security monitoring tools.
6. General knowledge of networking and routing topology, cybersecurity frameworks, constructs and auditable standards.
7. Communicate effectively throughout the incident management process to ensure that all communications are timely and accurate, as per documented process.
8. Understanding, proficiency, or certification of Information Technology Infrastructure Library (ITIL) concepts, preferably with Knowledge of ServiceNow or other incident and change management tools.
9. Familiarity of payment transaction message flows and the diverse types of exceptions that could be encountered resulting in client impacts such as message delivery outages, theft, or fraud.
10. Possess the background, experience, or skills to maintain both central and distributed firewall platforms such as Provider-1, Panorama management and logging infrastructures.
11. MS Office suite functional use.