Director, Global Standards Management

Director, Global Standards Management

Vacancy expired!

Job Description

Specifications and Standards activities enable ubiquity by maximizing global interoperability and commonality across technology platforms, while providing the flexibility to enable ongoing competition and product differentiation by the various participants in the payments ecosystem. Participation in standards bodies, liaison organizations and advisory groups form the building blocks for all of Visa’s existing and future products and services. Security programs and standards are the cornerstone of ensuring interoperability.

TheDirector, Global Digital Standards Management, will be member of the Global Standards Management team responsible for managing Visa’s security standards throughparticipation and engagement within Industry Standards, as well as in industry related advocacy and trade associations. The Global Standards Management team ensures standards participation, decisions, formal contributions and general issue resolution aligns with Visa strategy. The team creates and manages the overarching strategy related to Visa’s ongoing involvement in such organizations, as well as all global communications between standards participants, the decision-making bodies and the executive team. Additional responsibilities include stakeholder training and education, issue escalation and ongoing management, executive level education and awareness.

Visa's digital standards are managed through the Visa Ready Security program which establishes and maintains security requirements for third-party partners as well as generating security requirements for new digital consumer products. We are looking for a Director to support the evolution of Visa’s secure digital payments. The focus will be on the security of digital payment solutions across mobile and IoT platforms as well as web applications and will support the Visa Ready partner programs by developing and managing security requirements for new and existing digital products by working with product, technology, and risk and information security teams, to establish these requirements. In addition, this role will be responsible for working internal with Global security teams to ensure that Visa use of digital security standards continues to evolve.

Be part of a collaborative team who shares responsibilities for overall oversight and management of Visa’s standards and industry body participation, including:

· Liaise with key Visa stakeholders to gather and prioritize the strategic objectives for specifications and standards.

· Represent Visa at key industry standards bodies and industry forums, as appropriate, to ensure resulting industry standards and global specifications meet Visa strategic objectives for specifications and standards

· Bring subject matter expertise and market insight to Visa to educate and support the business teams impacted by resulting specifications and standards

·In conjunction with the Standards Working Group, create various white paper/assessment reports, including initial and going recommendations to the Corporate Risk Committee (CRC) regarding:

Particular focus will be on multiple security related Standards groups and trade associations globally. Examples may include, but aren’t limited to, EMVCo, International Organization for Standardization (ISO), GlobalPlatform, InterNational Committee for Information Technology Standards (INCITS), World Wide Web (W3C) Consortium, .

·Triage major issues arising out of a standards organization, including communications/awareness to the SWG, CRC, Executive Committee (EC), and/or Operating Committee (OC) as appropriate, including development of white papers/position papers

·While an individual contributor role, the individual shall have demonstrated experience in leadership and team management in the past and must be able to lead successfully across a matrix organization of stakeholders to execute against responsibilities – holding others accountable/responsible without have direct management oversite

The Visa Digital Standards team is looking for a person with a background in security and who can learn quickly, work in a team to manage security requirement development, interact with solution providers and external security laboratories responsible for performing the evaluations and take the lead in assessing the overall security of new consumer payment solutions. This includes contributing to the architectural security design review and the processes for assessment of digital payment solutions. You will provide actionable input and recommendations to the team as to whether these solutions meet Visa requirements. This will include risk considerations such as the tradeoff between logical and physical security requirements, as well as local versus remote solution “health” status monitoring. As a team member you will contribute to maintaining security knowledge of standards, industry best practices, and emerging attack/prevention trends and technologies as they apply to the Visa Ready program. Based on the dynamic nature of digital payments, this includes providing enhancement recommendations to ensure that the Visa Ready documentation is current. You will also work with the Product Technology testing group to coordinate 3rd party security reviews as well as managing the Visa security lab partners and participating in security lab audits.

Additional responsibilities will include participation on a number of digital standards organizations such as W3C webauth, ISO and EMVCo security focused efforts.

Qualifications

• 10 years of work experience with a Bachelors Degree; 8 years of work experience with an Advanced degree (e.g. Masters/MBA/JD/MD); or a minimum of 3 years of work experience with a PhD

• Knowledge of modern device, web, protocol and network security and encryption techniques and standards.
• Familiar with relevant application design and development security techniques such as the use of trusted execution platforms, root-of-trust, white-box cryptography, attestation and code obfuscation.
• Familiar with relevant web application security considerations such as click-jacking, cross-frame scripting mitigation and content security policies.
• Good understanding of control objectives, security evaluation goals, security assets, assurance levels, security requirements and test purpose.
• Experience with evaluating the security of digital payments solutions, especially in the context of gathering and formulating security requirements, and interpreting security reports.
• Familiar with logical and physical security requirements and standards.
• Good understanding of the security architecture of consumer and IoT devices.
• Familiar with authentication techniques and biometric technology.
• Willingness to continuously learn about new relevant security attacks and prevention techniques in consumer device, web and ecommerce payment security.
• Must have good communication skills (written and verbal).
• The ideal candidate should hold at minimum a Master in Computer Science or Computer Engineering at least 10 years industry exposure. CISSP and CISA certification is a plus.
• Direct experience with standards and specifications setting bodies, preferred
• Exceptional collaboration and communication skills, with the ability to drive consensus in cross-regional and cross-functional teams.
• Flexible and proactive trouble-shooting capabilities with the ability to manage diverse groups organized within different organizational reporting lines and an aptitude to stay ahead of new payment, innovation and standards trends in a rapidly evolving ecosystem
• Process-oriented problem solver who can adapt within a multi-tasking environment and simultaneously manage multiple issues and projects with limited resources
• Acumen to present complex concepts and solutions to executives and committees
• High attention to detail and quality for all work products
• Hands-on, entrepreneurial and flexible to take broad guidance from management and execute plan of action to drive results

Additional Information

• This position requires the incumbent to travel for work 15% of the time

• Incumbent must make themselves available for meetings with clients and Visa regional teams early morning and evenings occasionally as needed

• This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law