Director Technology Risk Management Control Monitoring

Visa Foster City , CA 94404

Posted 11 months ago

As the world's leader in digital payments technology, Visa's mission is to connect the world through the most creative, reliable and secure payment network - enabling individuals, businesses, and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company's dedication to innovation drives the rapid growth of connected commerce on any device, and fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce.

At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, and be part of an inclusive and diverse workplace. We are a global team of disruptors, trailblazers, innovators and risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, and doing meaningful work that brings financial literacy and digital commerce to millions of unbanked and underserved consumers.

You're an Individual. We're the team for you. Together, let's transform the way the world pays.

Visa is seeking a Control Monitoring Director that will work with our internal teams to track and monitor key technology risks. Specifically, the candidate will create, maintain, and enhance data models and drive report output for key technology threat vectors such as application and infrastructure risk, third party technology suppliers, security incidents, data transfers, vulnerability assessments, system entitlements, etc. The candidate will also be responsible for identifying, building, and enhancing data sources that feed the risk models for ongoing risk monitoring and process improvement that will impact and achieve goals. In addition to construction of the technical environment and data population, this individual will be fundamental in interpreting the data as a subject matter expert adding value to Visa's overall Technology Risk Management framework. The candidate will collaborate with key technology partners across the organization, and distill information into management and executive-level reporting. The candidate will have a strong understanding of technology risks and controls, and effectively collaborate with multiple stakeholders. The position reports to the Senior Director of Technology Risk (within our Enterprise Risk Management organization).

Primary Responsibilities

  • Assist with coordinating reviews on Visa's technology environment executed by independent organizations:

  • Design, Develop, Maintain, and Enhance data models for key Technology Risk Management threat vectors

  • Identify data sources internally that can be used to populate the models on a monthly basis

  • Obtain ongoing feeds from primary data owners with adequate hygiene for all required data elements

  • Manage a data dictionary for all data fields and sources, with a trigger mechanism for values outside of acceptable tolerances

  • Create a data repository that consolidates the info and tracks the information from month to month

  • Produce output of results on a monthly, quarterly, and annual basis for senior management

  • Deliver on commitments made by Visa to the FFIEC and European regulators on ongoing risk and control monitoring and testing.

Leadership Capabilities

At Visa, everyone is a leader. We have a core set of principles that we share amongst our employees. These Leadership Principles apply to everyone at Visa, regardless of role, title, level, function or location. The successful candidate will possess the ability to lead by example, communicate openly, enable and inspire, excel with partners, act decisively, and collaborate.

  • 12+ years of experience with data modeling, data analysis, and technology risk related controls required

  • 12+ years of experience with data aggregation, data consolidation, and senior level data output required

  • Knowledge of Cybersecurity (e.g. application compliance, third party technology risk, identity and access management, security incidents, etc.) required

  • Knowledge of Business Continuity, Records Management, and Issue Management related data attributes and risk drivers required

  • Ability to prioritize deliverables and projects to meet timelines efficiently and adapt to changes in priorities quickly

  • Analytical and problem solving skills

  • Ability to effectively communicate formally and informally

  • Ability to facilitate group discussions and debate across geographic, functional lines and levels

  • Bachelor's Degree required

  • Experience in regulated industries required

  • Experience in payment platforms preferred

  • CISA, CISM, CISSP, certification preferred

All your information will be kept confidential according to EEO guidelines.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Global Risk And Compliance Specialist

Qualys, Inc.

Posted 3 days ago

VIEW JOBS 2/26/2020 12:00:00 AM 2020-05-26T00:00 This role will be responsible for supporting our ongoing compliance efforts (PCI DSS, GDPR, CCPA, SOC2, and FedRAMP environments), working collaboratively to manage risk within the organization, and assisting to shape the Qualys information security program through documentation and evaluation of security controls within Qualys and external 3rd part entities. You will work side by side with the information security team and others from across the organization to help ensure Qualys and our customers data in secure and meeting organizational compliance standards. * Produce weekly, monthly and quarterly uptime and status reports for production and critical internal infrastructure * Manage organizational infrastructure LDAP/RADIUS/Basic auth, * Design processes, programs and workflows, * Handle all internal/External Audits, ISP document maintenance, * Security log management & event monitoring (Splunk/IPS sourcepower), * Incident Response, * Build custom packages & key management, * VM, PKI management external/internal, * Automation of legacy/scheduled manual tasks, * Identity and Access Management. Skillset Needed: * 5-8 Years in GRC with background in ISO27001, FedRAMP, SOC2, and GDPR. * Strong user of PowerPoint, MS Project Plan, Visio, Excel. * Experience with Office365, Sharepoint and/or Confluence. * Be self-directed and self-motivated. * Ability to focus on repetitive work efforts. Beneficial Skillset: * Qualys on Qualys, Threat Intel, * FedRAMP Continuous Monitoring background, * Detailed background in FedRAMP Moderate and High environments. * Detailed knowledge of Qualys products and scanners Qualys, Inc. Foster City CA

Director Technology Risk Management Control Monitoring