Technology Risk Management, Sr. Manager - External Assessments

Company Description

Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid.

Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.

Job Description

Visa is seeking a proactive, experienced professional that will work with internal and external stakeholders to evaluate technology risks and controls, partner with relevant stakeholders to identify mitigating and compensating controls, and/or advise on control areas needing improvement. This position will be a people manager and an integral member of the team leading in the execution of numerous technology-related examinations (e.g. SSAE, PCI DSS, SOC2, WebTrust, PCI PIN, etc.) within the Visa External Assessments team. This program spans multiple geographies and competency areas within the technology risk domain for which its results are visible to Visa’s management as well as Visa’s external clients & their auditors, partners and regulators.

The candidate must have a good understanding of the methodology in the mentioned third-party assessments, technology risks, audit and controls, be able to provide practical, client-focused solutions, and effectively partner and communicate with numerous cross-functional personnel.

Essential Functions

• Manage the External Assessments team and the execution of Third-Party Assessments (e.g. SSAE21 SOC 1 and SOC2, WebTrust, PCI DSS, PCI PIN, etc.) of Visa from start to completion
• Apply IT controls and auditing skills/experience when needed in order to collaborate with the third-party assessors/auditors and address Visa personnel’s overall questions and needed clarifications
• Support senior management in periodic reporting and/or ad hoc support to the team as needed
• Manage additional projects and initiatives as assigned

This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager.

Qualifications

Basic Qualifications

• 8 or more years of relevant work experience with a Bachelor Degree or at least 5 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD

Preferred Qualifications

• 9 or more years of relevant work experience with a Bachelor Degree or 7 or more relevant years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 3 or more years of experience with a PhD
• 10 years experience in Internal Control Function preferred, with strong Technology and Cybersecurity audit or compliance experience
• Professional certifications: CISA, CIA, CISSP, PMP and/or CPA preferred
• Prior experience with security and privacy regulations and industry standards (e.g. SSAE, SOC1, SOC2, PCI-DSS, GLBA, WebTrust, PCI-PIN, etc.)
• Solid understanding of IT domains and processes - cybersecurity (e.g. access management, data security, etc.), availability (e.g. incident and change management, capacity management), and business continuity risks and controls
• Prior experience leading IT Audits and/or IT Projects with the ability to prioritize deliverables and projects to meet timelines efficiently and adapt to changes in priorities quickly

Desired Attributes

• Experience configuring and using Auditboard to facilitate audits
• Organized and structured in thinking and approach to work
• Excellent verbal and written communication skills (English Language), attention to detail and interpersonal skills
• Ability to work independently with strong time management and ability to execute on multiple concurrent deliverables
• Works well with people of varying backgrounds, expertise levels and personalities, and builds partnerships
• Exercises good judgment: knows when/whom to ask for guidance, and when to make independent decisions
• Mature working knowledge of Microsoft Office products (Outlook, Word, Excel, Power Point)
• Solution-oriented and capable of problem solving and managing issues
• Strong Project management skills and able to effectively manage and prioritize competing tasks
• Able to navigate and thrive in a complex technology environment

Additional Information

Work Hours: Varies upon the needs of the department.

Travel Requirements: This position requires travel 5-10% of the time.

Mental/Physical Requirements: This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers.

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law, including the requirements of Article 49 of the San Francisco Police Code.