Associate Cybersecurity Analyst - Engineering & Operations

The Associate Cybersecurity Analyst - Engineering & Operations is primarily responsible to monitor, analyze, and resolve onprem and cloud network security devices, security tools, and systems issues. This position will manage technical support requests directly from users as well as prioritize escalations from other team members and field engineers. Our engineers are responsible for maintaining application uptime and improving their computing experiences through effective maintenance, problem identification and resolution activities.

The position requires an in-depth understanding of how logical and physical connectivity issues can affect network and systems security posture and transaction quality.

Essential Functions:

Monitor, analyze, and resolve network/cloud security devices, systems, and tools incidents

Troubleshoot issues stemming from configurations on platforms such as firewalls including web application firewalls, proxies, distributed denial of service systems, data labeling and loss systems, and host-based security controls

Follow both work instruction playbooks and runbook automations activities. Provide feedback to modify and suggest changes to work instructions for similar impacting events

Understand and work within established Service Level Agreements (SLA) to ensure timely response

Support and promote Visa s Cybersecurity operation standards and excellence

Continuous improvement of core functions expected from Cybersecurity Operations Center

Track, update, and resolve all assigned incidents, changes, and problem reports in the incident management system, ensuring that documentation is thorough, accurate, and meets a standard of high quality

Follow documented support procedures, managing each issue through resolution or turnover to maintain established service levels

Solicit feedback of documented procedures to accurately record resolution and ensure client satisfaction

Measure and review work instructions for accuracy of execution and to drive toward objective response and restoration time frames. Review and solicit improvements through second level support groups and peers

Maintain and achieve new technical skills through in-house or external trainings by engineering or higher-level support teams

Modify and create work instructions or Recipes to prepare for similar impacting events and allow for a quicker response. Constantly review work instructions for accuracy and ask for improvements through second level support groups

Lead, support, or contribute based on various incident bridges stewardship in support of timely resolution of internal issues

Proactively monitor, recognize, analyze, isolate and/or resolve documented hardware and software problems utilizing a variety of hardware and software testing techniques

Articulate problem statements with clarity. Consult with L2 support groups or development teams to drive toward long-term restoration and resolution of incidents

Responsible for the internal and external communication of issues to management, other internal support groups, customer pages, email broadcasts, or verified phone calls

This position involves shift work with 9 hour shifts between 7 AM and 7 PM based on the published schedule, to cover work 365 days a year.

Basic Qualifications:
Bachelors degree, OR 3+ years of relevant work experience

Preferred Qualifications: 2 or more years of work experience Work experience or training as a Network/Security Operations Engineer, network/security support analyst or experience across multiple technologies such as firewalls including web application firewall, proxies, distributed denial of service systems, data labeling and loss systems Understanding of network monitoring concepts and management tools. Knowledge of systems, application, and fault monitoring toolsets namely Indeni, Splunk, Moloch, QRadar, Solarwinds, NetCool, or other similar platforms Functional understanding of packet and protocol from firewall/and other systems through tools such as Wireshark to support troubleshooting activities Demonstrate knowledge of native cloud-based security monitoring tools. General knowledge of networking and routing topology, cybersecurity frameworks, constructs and auditable standards Communicate effectively throughout the incident management process to ensure that all communications are timely and accurate, as per documented process Understanding, proficiency, or certification of Information Technology Infrastructure Library (ITIL) concepts, preferably with Knowledge of ServiceNow or other incident and change management tools Familiarity of payment transaction message flows and the diverse types of exceptions that could be encountered resulting in client impacts such as message delivery outages, theft, or fraud. Possess the background, experience, or skills to maintain both central and distributed firewall platforms such as Provider-1, Panorama management and logging infrastructures. MS Office suite functional use