About Us Visa is a world leader in payments technology, facilitating transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories, dedicated to uplifting everyone, everywhere by being the best way to pay and be paid.
At Visa, you'll have the opportunity to create impact at scale — tackling meaningful challenges, growing your skills and seeing your contributions impact lives around the world.
Join Visa and do work that matters – to you, to your community, and to the world. Progress starts with you.
Job Description
The Vulnerability Analyst will play a pivotal role in internal Application Security team, leading the coordination and management of vulnerability processes across our infrastructure and products. This position is responsible for driving continuous improvement in vulnerability management, supporting compliance activities, and fostering collaboration across technical and business stakeholders.
Core Responsibilities:
- Coordinate Vulnerability Management: Work with asset owners and stakeholders to ensure prompt remediation, offering guidance as needed.
- Review and Escalation: Organize and lead regular vulnerability review calls, ensuring that appropriate stakeholders and asset owners are aware of open findings.
- Infrastructure Drop-In Sessions: Facilitate infrastructure vulnerability drop-in sessions to address technical issues and promote best practices.
- Reporting: Prepare and present quarterly vulnerability reports, raising findings to appropriate stakeholders and leadership.
- Compliance Support: Support PCI evidencing and Approved Scanning Vendor (ASV) activities, ensuring compliance with regulatory requirements.
- Exception Management: Guide exception management processes, review submissions, and track unresolved vulnerabilities, facilitating approvals and risk acceptance.
- Training and Enablement: Deliver training sessions to technical and non-technical teams on vulnerability management processes and security best practices.
- Collaboration: Prepare for and participate in Business Continuity Working Group (BCWG) meetings, fostering cross-functional collaboration.
This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager.
Qualifications
Basic Qualifications:
- 2+ years of relevant work experience and a bachelor’s degree OR 5+ years of relevant work experience. Master’s graduates must have 2+ years of relevant work experience to qualify.
Preferred Qualifications:
- 3 or more years of work experience with a bachelor’s degree or more than 2 years of work experience with an Advanced degree. (e.g. Masters, MBA, JD, MD)
- Bachelor’s degree in computer science, Information Security, or a related field, or equivalent professional experience.
- Demonstrable experience in vulnerability management, application security, or a related cybersecurity discipline.
- Experience supporting compliance activities (e.g., PCI DSS, ASV).
- Familiarity with security frameworks, risk management, and exception handling.
- Experience delivering training and collaborating with cross-functional teams.
- Relevant certificates (e.g., CISSP, CISM, CEH, OSCP) are desirable.
- Because this role involves close collaboration with other teams and hands‑on work within the Application Security team, you will be expected to demonstrate practical coding skills.
- Technical proficiency in at least one programming language, and the ability to successfully complete a coding assessment as part of the selection process.
Skills & Attributes:
- Technical Expertise: Strong knowledge of vulnerability management tools and methods, application security experience is a plus.
- Analytical Skills: Strong analytical and advisory capabilities, with meticulous attention to detail in exception and risk management.
- Communication: Excellent interpersonal and communication skills, able to convey complex technical concepts to diverse audiences.
- Adaptability: Ability to adapt as the role evolves and as new threats and technologies emerge.
Visa is an EEO Employer
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.