Director, Technology Risk Management
Bengaluru, India | Visa
IT / Information Technology
Job Description and Responsibilities
This hands-on leadership position will serve as part of Visa's Cybersecurity Third Party (3P) Technology Risk Management team, providing oversight and coordination, and delivering the activities that support successful risk management around third parties for VISA. Members of this team work across a number of stakeholders who work with third parties to ensure appropriate processes, procedures and controls are adequately designed, implemented or remediated to meet VISA Key control requirements and mitigate any risks that are associated with third parties. The success of this unit requires dedicated professionals who possess the analytical, feasibility, relationship and executive summary skills needed to form highly reliable risk management strategies to meet various Visa Inc. requirements along with compliance and regulatory requirements.
Bachelor's degree in Computer Science, Information Systems, Management Information Systems, or Business Administration or other related field. (Master's degree is preferred.) Significant and relevant technical experience meeting the job description may be substituted for degree requirements.
Sound understanding of Enterprise Security Solutions such as WAF, IPS/IDS, DDoS, Firewalls, Anti-Virus, Malware, Database activity monitoring, Data Loss prevention, Proxy solutions and SIEM tools
Very strong interpersonal, facilitation, team building and leadership skills along with effective communication (both written and verbal) skills and the ability to present complex ideas in a clear, concise way; ability to influence and develop relationships with key partners
Must have 8+ years of work experience including leadership roles in Cybersecurity, Audit, Risk, and/or Compliance. Open to experience in other relevant fields (e.g., finance, business administration, information technology, etc.) as long as candidate can demonstrate relevancy to this Cybersecurity based role.
Must have 8+ years direct participation and experience across common industry security policy areas, including, but not limited to ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE16, and others
Must have 8+ years audit and risk management experience that includes a broad understanding of the software delivery process, professional services consulting and/or program management.
Must have 8+ years’ experience providing information security or information technology consulting services to a broad range of companies and/or federal and state agencies.
Must have 6+ years of progressively responsible management experience in the following areas: planning, budget/forecast/financial management, and staffing
Solid understanding of Enterprise Risk Management and Strategy frameworks as well as understanding of current enterprise threat scenario as related to financial industry
Demonstrated ability to manage implementations of large-scale, complex, multi-disciplined, cross-functional and highly visible projects/programs.
Current information security and compliance vendor landscape
Control frameworks such as COSO
Regulatory requirements in particular PCI-DSS, GLBA, FFIEC
Ability to direct and lead cross-functional, cross-vendor teams
Must be experienced in Project Management Methodologies and experienced in mentoring less experienced project personnel
Certified Information Security Auditor/Manager (CISA/M) designation or CISSP
Excellent communicator with strong client relationship focus with business sponsors, enterprise architects, and information security engineers to articulate business case and technology options
Practical experience managing multiple large-scale compliance/audit projects simultaneously, strong internal consulting, customer account management, and defining engagement scope, negotiating commitments, gathering requirements, defining deliverables, designing integrated solutions, and overseeing technical implementations considered a plus
Proven experience proposing enterprise level solutions to mitigate risk