Visa
Cybersecurity Engineer - GRC
Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose
to uplift everyone, everywhere by being the best way to pay and be paid. Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa. Job Description
As a key member of the Cybersecurity Governance, Risk & Compliance (GRC) and M&A Integration team, the Cybersecurity Engineer
GRC will lead and support initiatives in IT compliance and risk management. Reporting directly to the Director of Cybersecurity, this position seeks a self-motivated professional with demonstrated expertise in PCI DSS and/or PCI 3DS as well as SOC 2. The successful candidate will utilize AI-driven tools and develop custom automation scripts to efficiently gather audit evidence, parse data, assess control deficiencies, and produce actionable recommendations. Oversee and coordinate security and compliance assessments, including PCI DSS, PCI 3DS, and SOC 2, involving preparation, evidence collection, stakeholder coordination, and remediation of identified gaps. Leverage AI and automation platforms to streamline audit evidence collection, control testing, and reporting procedures. Develop, maintain, and update automation scripts (using Python or other scripting/programming languages) for data extraction and analysis, control validation, and audit workflow optimization. Independently manage compliance activities such as penetration testing, ASV scanning, and re-testing cycles. Collaborate with technical and product teams to conduct security assessments, ensuring code and infrastructure changes align with PCI DSS and 3DS standards. Respond to client, partner, and third-party security assessments through timely communication and comprehensive responses. Refine GRC processes to enhance efficiency, scalability, and accuracy. Monitor emerging data security regulatory requirements and evolving IT and cybersecurity trends. This is a hybrid position. Expectations of days in the office will be confirmed by your Hiring Manager. Qualifications
Basic Qualifications: 2 + years of relevant work experience and a Bachelors degree, OR 5+ years of relevant work experience. Masters graduates must have 2+ years of relevant work experience to qualify. Preferred Qualifications: 3 or more years of work experience with a Bachelor's Degree in Computer Science, Information Security, Management Information Systems, or another related field, or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD). Skilled in Python, PowerShell, or similar scripting/programming languages for automating data collection, validation, and reporting. Proficient in utilizing advanced AI solutions, including Copilot Researcher and ChatGPT, as well as automation platforms such as Power BI, LangChain, AuditBoard, and ServiceNow, to enhance GRC processes and other security-focused workflows. Demonstrated expertise with PCI DSS and/or PCI 3DS standards and SOC 2 controls. Strong working knowledge of audit and compliance processes, including controls testing and evidence lifecycle management. Proven ability to work independently with minimal supervision, while also collaborating effectively across teams. Strong communication, planning, and organizational skills. Must be highly flexible and able to manage multiple tasks and priorities. CRISC, CISM, CISA, PCIP, and/or CISSP certifications preferred.
Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose
to uplift everyone, everywhere by being the best way to pay and be paid. Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa. Job Description
As a key member of the Cybersecurity Governance, Risk & Compliance (GRC) and M&A Integration team, the Cybersecurity Engineer
GRC will lead and support initiatives in IT compliance and risk management. Reporting directly to the Director of Cybersecurity, this position seeks a self-motivated professional with demonstrated expertise in PCI DSS and/or PCI 3DS as well as SOC 2. The successful candidate will utilize AI-driven tools and develop custom automation scripts to efficiently gather audit evidence, parse data, assess control deficiencies, and produce actionable recommendations. Oversee and coordinate security and compliance assessments, including PCI DSS, PCI 3DS, and SOC 2, involving preparation, evidence collection, stakeholder coordination, and remediation of identified gaps. Leverage AI and automation platforms to streamline audit evidence collection, control testing, and reporting procedures. Develop, maintain, and update automation scripts (using Python or other scripting/programming languages) for data extraction and analysis, control validation, and audit workflow optimization. Independently manage compliance activities such as penetration testing, ASV scanning, and re-testing cycles. Collaborate with technical and product teams to conduct security assessments, ensuring code and infrastructure changes align with PCI DSS and 3DS standards. Respond to client, partner, and third-party security assessments through timely communication and comprehensive responses. Refine GRC processes to enhance efficiency, scalability, and accuracy. Monitor emerging data security regulatory requirements and evolving IT and cybersecurity trends. This is a hybrid position. Expectations of days in the office will be confirmed by your Hiring Manager. Qualifications
Basic Qualifications: 2 + years of relevant work experience and a Bachelors degree, OR 5+ years of relevant work experience. Masters graduates must have 2+ years of relevant work experience to qualify. Preferred Qualifications: 3 or more years of work experience with a Bachelor's Degree in Computer Science, Information Security, Management Information Systems, or another related field, or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD). Skilled in Python, PowerShell, or similar scripting/programming languages for automating data collection, validation, and reporting. Proficient in utilizing advanced AI solutions, including Copilot Researcher and ChatGPT, as well as automation platforms such as Power BI, LangChain, AuditBoard, and ServiceNow, to enhance GRC processes and other security-focused workflows. Demonstrated expertise with PCI DSS and/or PCI 3DS standards and SOC 2 controls. Strong working knowledge of audit and compliance processes, including controls testing and evidence lifecycle management. Proven ability to work independently with minimal supervision, while also collaborating effectively across teams. Strong communication, planning, and organizational skills. Must be highly flexible and able to manage multiple tasks and priorities. CRISC, CISM, CISA, PCIP, and/or CISSP certifications preferred.