Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid.
Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.
Job DescriptionThis leadership position is part of Visa's Cybersecurity Regulatory, Audit, and Compliance function within the Cybersecurity Governance Risk and Compliance and M&A Integration (GRC) team. Reporting to the Senior Director, this role involves overseeing, coordinating, and delivering activities that support regulatory operations, internal audits, external audits, and customer/client requests. The primary responsibility will be to manage technical requests from regulators in the US, UK, and other regions where Visa operates.
In addition, this role will ensure ongoing design and effectiveness of Cybersecurity controls across Visa (both automated and manual), working with technology/business control owners across the Visa organization, and using a variety of industry standards during the assessments.
The ideal candidate should be a visionary leader, capable of developing compelling narratives, constructing clear arguments, and demonstrating executive presence. They must also excel in execution to successfully integrate the various elements of these activities.
Essential Functions:
Oversee and manage audits, compliance, and regulatory activities related to Cybersecurity, including: FBA/FFIEC, Bank of England, other regulators, GLBA, SSAE16/ISAE3402, SOC 2, PCI-DSS, Sarbanes-Oxley (SOX), internal audits, ISO, NIST, COSO, COBIT, and customer/client inquiries.
Collaborate with various functions such as corporate compliance, internal audit, enterprise risk management, regulatory risk, and technical teams to facilitate audit, regulatory, and compliance practices for information security.
Promote proactive readiness activities and enhance information security based internal controls to support future reviews.
Leverage Artificial Intelligence tools or other automation tools to improve efficiency and productivity in audit and compliance processes.
Develop comprehensive risk management reports, including dashboards, metrics, and executive summaries.
Advise Cybersecurity leadership on the status of technology risk and compliance issues, based on assessment results and information from various monitoring and control systems.
This is a hybrid position. Expectation of days in office will be confirmed by your Hiring Manager.
QualificationsBasic Qualifications:
• 8+ years of relevant work experience with a Bachelor’s Degree or at least 5 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD, OR 11+ years of relevant work experience.
Preferred Qualifications
• 9 or more years of relevant work experience with a Bachelor Degree or 7 or more relevant years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 3 or more years of experience with a PhD
• Bachelor’s degree in Computer Science, Information Systems, Management Information Systems, or Business Administration or another related field.
o Significant and relevant technical experience meeting the job description may be substituted for degree requirements.
• 8-10 years of leadership experience in Information Security, Audit, Risk, and/or Compliance.
o Open to experience in other relevant fields (i.e., finance, business administration, information technology, etc.) as long as a candidate can demonstrate relevancy to this Information Security based role.
• 6+ years direct participation and experience across common industry security policy areas, including, but not limited to, PCI-DSS, ISO, NIST, COSO, COBIT, FFIEC, SOX, SSAE16/ISAE3402, SOC 2 and others. Candidates with experience in Audit/Compliance/Regulatory discussions and proactive readiness activities in a large global financial institution or a matrix organization preferred.
• Proven experience collaborating with multiple stakeholders on both internal and external delivery and communication initiatives.
• Ability to synthesize diverse data points, solve problems, and develop comprehensive and effective execution and risk mitigation plans.
• Strong executive presence and exceptional communication skills, with experience in audit, compliance, regulatory discussions, and proactive readiness activities with internal partners and external clients.
• Capability to influence beyond the immediate team and engage with more experienced or senior individuals.
• Must be highly flexible and able to manage multiple tasks and priorities under tight deadlines.
• Advanced Degree (e.g., Masters, MBA) in related field.
• Data Analysis skills using Microsoft Excel, SQL, or other scripting languages.
• Broad and deep experience across PCI standards (DSS, PIN, P2PE, Token etc.) with the ability to apply the standards with confidence across different organizational contexts.
• Previous experience in implementing or managing Governance, Risk, and Compliance (GRC) tools, as well as developing dashboards and creating tools to automate tasks in order to enhance efficiency. Additionally, prior experience in utilizing Artificial Intelligence tools to improve efficiency.
• CISSP, CISA, CISM, CEH, PCI QSA/ISA Certifications preferred.
Work Hours: Varies upon the needs of the department.
Travel Requirements: This position requires travel 5-10% of the time.
Mental/Physical Requirements: This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers.
Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law, including the requirements of Article 49 of the San Francisco Police Code.
U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 159,100.00 to 230,900.00 USD per year, which may include potential sales incentive payments (if applicable). Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical, Dental, Vision, 401 (k), FSA/HSA, Life Insurance, Paid Time Off, and Wellness Program.