Job Description
Working in the Red Team (offensive security), the role supports the identification and management of security risks and vulnerabilities across multiple domains. It involves close collaboration with development teams and cybersecurity squads, contributing to secure application and product development lifecycles. The position also ensures the overall health of the corporate environment by adhering to regulatory and compliance requirements, including ISO 27001 and PCI DSS, and by developing and maintaining security documentation and procedures.
A solid understanding of the OWASP Top 10 and NIST SP 800-115 standards is required. Familiarity with the PCI DSS framework and basic knowledge of AWS services are considered strong assets.
What You'll Do
Assess API and web application vulnerability
Collaborate with Blue Team (Purple Team exercises)
Engage in internal Red Team activities
Test cloud and infrastructure with penetration testing
Configure and automate offensive security development
Execute vulnerability scanning activities
Support for Governance, Risk, and Compliance (GRC) initiatives
Collaborate with peer cybersecurity teams
This is a remote position. A remote position does not require job duties be performed within proximity of a Visa office location. Remote positions may be required to be present at a Visa office with scheduled notice. #LI-Remote
Qualifications Basic Qualifications
Be based in Brazil
B2 English proficiency
Experience working in offensive security / Red Team, penetration testing, or vulnerability assessment roles.
Strong understanding of application security risks across APIs, microservices, and distributed systems.
Knowledge of OWASP Top 10 and NIST SP 800-115 security testing standards.
Experience collaborating with development teams and cybersecurity squads to identify, communicate, and remediate security findings.
Ability to support secure application and product development lifecycles.
Strong documentation skills, including the ability to create and maintain security reports, procedures, and technical documentation.
Basic knowledge of AWS services and cloud environments.
Preferred Qualifications
Basic knowledge of PCI DSS requirements and working in regulated environments.
Familiarity with ISO 27001 security controls and audit requirements.
Additional Information Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
#J-18808-Ljbffr
A solid understanding of the OWASP Top 10 and NIST SP 800-115 standards is required. Familiarity with the PCI DSS framework and basic knowledge of AWS services are considered strong assets.
What You'll Do
Assess API and web application vulnerability
Collaborate with Blue Team (Purple Team exercises)
Engage in internal Red Team activities
Test cloud and infrastructure with penetration testing
Configure and automate offensive security development
Execute vulnerability scanning activities
Support for Governance, Risk, and Compliance (GRC) initiatives
Collaborate with peer cybersecurity teams
This is a remote position. A remote position does not require job duties be performed within proximity of a Visa office location. Remote positions may be required to be present at a Visa office with scheduled notice. #LI-Remote
Qualifications Basic Qualifications
Be based in Brazil
B2 English proficiency
Experience working in offensive security / Red Team, penetration testing, or vulnerability assessment roles.
Strong understanding of application security risks across APIs, microservices, and distributed systems.
Knowledge of OWASP Top 10 and NIST SP 800-115 security testing standards.
Experience collaborating with development teams and cybersecurity squads to identify, communicate, and remediate security findings.
Ability to support secure application and product development lifecycles.
Strong documentation skills, including the ability to create and maintain security reports, procedures, and technical documentation.
Basic knowledge of AWS services and cloud environments.
Preferred Qualifications
Basic knowledge of PCI DSS requirements and working in regulated environments.
Familiarity with ISO 27001 security controls and audit requirements.
Additional Information Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
#J-18808-Ljbffr