Associate Cybersecurity Engineer – Application Security Engineering

As an Associate Cybersecurity Engineer, you will be part of our Cybersecurity team to help design, enhance and build our Application Security Tools and Services in addition to supporting Visa Product Development teams in writing secure code free of Application Security Vulnerabilities in an agile development environment. You will work with colleagues, who will support and challenge you daily. You will work on designing secure web applications, unit testing, code reviews and regular check-ins to continuous integration that will become part of your DNA.

Our engineers do more than just write code:

Essential Functions

• Help define consistent Secure Software Development Lifecycle practices for all Visa technology projects throughout the planning and delivery cycles that assure that application security risks are mitigate.
• Ensure end-to-end security of Visa products by hands on testing, hypothesizing threats, helping development teams remediating risks upfront and championing secure implementation efforts.
• Improve secure coding practices, application security requirements, automation, training, and metrics
• Integrate threat modeling practices into the Software Development Lifecycle.
• Help build secure products and standards around emerging technologies and using existing standards and security practices.
• Perform Security Architecture and Low-Level Application Security Design review involving: Data Protection, Authentication and Authorizations, Web Application Security and Network Security.
• Actively use and evangelize the use of artificial intelligence (AI) to support application security practices and processes
• Collaborate with product development and solution teams proactively to manage software security risk aligned with business goals.
• Collaborate with product and solution teams to achieve Cybersecurity software security program objectives.
• Manage cross-functional internal and external team collaboration, evangelization, and communications.
• Develop and optimize processes to improve software development efficiency in the consumption of security development practices.
• Maintain active understanding of industry practices for secure software development and incident response.

This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office 2-3 set days a week (determined by leadership/site), with a general guidepost of being in the office 50% or more of the time based on business needs.