Company Description
Visa is a world leader in digital payments, facilitating more than 215 billion payments transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable and secure payments network, enabling individuals, businesses and economies to thrive.
When partnering with Visa, you are also in a way part of a culture of purpose and belonging – where the work you do matters. We believe that economies that include everyone everywhere, uplift everyone everywhere. Your work will have a direct impact on billions of people around the world – helping unlock financial access to enable the future of money movement.
Visa Cross-Border Solutions offers deep money movement capabilities to organisations across the globe. Powered by Currencycloud technology, Visa Cross-Border Solutions enhances, streamlines and simplifies integrating the cross-border financial tools of tomorrow.
Clients can embed cross-border finance into the heart of their business and create sophisticated and user-friendly app-based experiences, connecting consumers and businesses around the world.
Since 2012, the technology behind Visa Cross-Border Solutions has been used to process more than $250bn to over 180 countries, partnering with banks, businesses and fintechs all over the world.
Partner with Visa: A Network Working for Everyone.
Job Description
Currencycloud was acquired by Visa in December 2021 and forms part of Visa Cross Border Solutions (VXBS). At Currencycloud, you can work from home, or visit our offices in London, Cardiff or Amsterdam. You'll need to be based in either the UK or Netherlands for this role, and have the necessary work permissions.
Information security is an integral part of Visa's corporate culture. It is essential to maintaining our position as an industry leader in electronic payments, which is why Visa has made it a priority to create top-tier security operations and incident response teams to defend the company against evolving cyber threats. If you would like to join a company where security is truly valued, where you can work with like-minded peers who are passionate about the art & science of cyber defense, then we have a home for you.
The successful candidate will be an industry-level Senior SOC Analyst with a continued specialism in Cloud having worked in a highly regulated environment. The team you will join is part of a larger Security Team and Organization located across multiple geographical sites that are responsible for the comprehensive cyber defense of Visa and its subsidiaries.
Responsibilities:
• Monitor Information Security alerts using Security Information and Event Management (SIEM) to triage, mitigate, and escalate issues as needed while capturing essential details and artefacts.
• Utilize sensor telemetry data and correlated logs to establish context of an alert and rule out false positives.
• Perform analysis of security alerts to evaluate true positive malicious risks to the business, determine containment action, and identify required preventative measures, documenting your findings throughout within the Incident Management System.
• Document Tuning and Detection Opportunities, turning them into operational alerting.
• Mitigate and contain identified threats using approved incident response methodologies.
• Provide subject matter expertise as an escalation point for security incidents to ensure proper assessment, containment and mitigation is taken.
• Collaborate with operational support teams to ensure they are actively engaged in addressing security threats and impact to the business.
• Be a technical lead contributor to high-severity incident response efforts which involve multiple teams to reach prompt containment, primarily aiding in incident analysis and reporting.
• Provide peer support to improve the technical capabilities of fellow SOC Analysts.
• Perform threat hunting using defined procedures and alert trend analysis to find inconspicuous threats.
• Identify trends, potential new technologies, and emerging threats which may impact the business.
• Operationalize actionable Threat Intelligence reports from internal and external sources.
• Assist with the security monitoring enrollment process to ensure adequate coverage and effectiveness of all new and existing cloud and on-premise based applications, services and platforms.
• Facilitate the development and tuning of detection use-cases to support enrollments and ensure high fidelity alerting in SIEM and other related Detection technologies.
• Work in collaboration with teams within Cybersecurity to identify detection and response gaps to improve.
• Develop and review Incident Response Playbooks, SOPs and Alert Runbooks, to streamline the incident response efforts.
• Work with colleagues in other technology departments as well as the business and product offices to establish effective, productive business relationships.
• Participation in an OOH On-Call Rota, 1 week in 4.
Qualifications
• 8 or more years of work experience in Security Operations with a Bachelor’s Degree or at least 5 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD
• Demonstrated professional competency in Cloud Environments
Desirable qualifications:
• 9 or more years of relevant work experience in Security Operations with a Bachelor’s Degree or 7 or more relevant years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 3 or more years of experience with a PhD
• 7+ years of related experience in Cybersecurity incident response, investigation or computer network defence functions.
• Bachelor's degree in computer science, information systems, or a related technical discipline or equivalent professional experience directly related to information security, cybersecurity, or computer network defence
• Relevant Security related certifications a plus: CYSA+, GCIA, GCIH, GCED, OSCP
• Relevant Cloud Certifications a plus: AWS Certified Security - Specialty
• Demonstrated experience in investigating cyber security incidents in enterprise-level security operations centres, fusion centres or Cyber Security team.
• Proven subject matter expertise in incident response and detection engineering.
• Solid understanding of TCP/IP protocol and internetworking technology including packet analysis, routing and switching.
• Strong technical knowledge of Cloud networking, infrastructure services and common applications.
• Strong knowledge of software security including web applications security.
• Strong Scripting skills (Python, Perl).
• Strong working knowledge in malware analysis.
• Strong knowledge in digital and network forensics investigation.
• Working knowledge of common security tools such as SIEM, AV, WAF, IDS, Netflow, Packet Analyzer and Endpoint Detection & Response tools.
• Excellent problem-solving skills, with tenacity and resilience to resolve issues.
• Strong interpersonal and leadership skills.
• Excellent communication, both verbal and written, with strong data presentation skills for varied audiences (including executive)
Additional Information
Universal acceptance for everyone, everywhere, is not only our brand promise, it’s the foundation of our company culture. We foster a feeling of connectedness in the workplace, support diversity of thought, culture and background, fight for important initiatives like Equal Pay and actively work to eliminate unconscious biases that hold us all back.
By leveraging the diverse backgrounds and perspectives of our worldwide teams, Visa is a better place to work and a better business partner to our clients.