The Corporate IT (CIT) organization is responsible for all facets of architecture, software development and production support of key internal systems supporting areas such as Finance, Revenue, Treasury, Human Resources, Legal, Risk, Compliance, Contact Center and End User.
In the GRC & HR Information Technology team, we are building an organization to focus on Engineering and Operational Excellence (EOE). This includes Security Vulnerability management for both hardware and software, establishing our internal business processes, scorecards and metrics, tracking team progress and building formal Operational Procedures/Playbooks for our applications.
Performing Security Analysis on custom applications, packaged software solutions and third party hosted solution, in accordance with OWASP standard and SANS 25, as well as Visa’s technical security best practices, to identify security vulnerabilities.
Developing remediation plans and resolve these findings, or if needed implement mitigating controls to reduce exposure.
Collaborating with application development team or 3rd party vendor’s technical resources to remediate reported vulnerabilities to mitigate any exposures
Managing remediation of findings from the vulnerability-scanning tool (Qualys) and collaborating with infrastructure engineering team to apply patches or update configurations per guidance.
Working with vendor technical resources to remediate reported vulnerabilities to mitigate any exposures, improve the overall security posture, and reduce risk.
Completing a functional smoke test post each patch installation.
Creating and maintaining appropriate documentation to log and track findings/vulnerabilities closure progress by the vendor or application development team.
All your information will be kept confidential according to EEO guidelines.