Hadoop Security Architect

• Be a product security champion by driving Security Architecture and Design/implementation/optimization for Web, API and Mobile backend applications across Visa.
• Engage in the initial requirements definition (including analysis of threats and risks and alignment with Visa security, Engineering, IT and Architecture standards.
• Conduct and facilitate security reviews, threat modelling including deep design reviews throughout the development lifecycle.
• Facilitate "table-top"/red-team/scenario analysis exercises in conjunction with other SME's; and plan the resolution of any identified vulnerabilities/issues.
• You’ll be working on enabling/building security on various platforms and technologies which protect the applications from attacks like:

o Payment processing platforms, Payment Wallet solutions, Consumer facing applications, COTS products deployed in house, public clouds, Issuer/Acquirer facing platforms and applications, white labelled solutions for partners.

o zTPF, zOS, MVS, Linux, Windows, VMWare, Openstack, SDN, Public cloud like AWS, Google

o Cybersecurity tools like IDS, SIEM, Tripwire, Tanium, Netwitness, Netflow, WAF

o HSMs, Tokenization systems, data encryption solutions from Safenet, Vormetric etc

o Web technologies like HTTP, SOAP, REST services, AJAX

o Databases like Oracle, MS SQL, Couchbase, Cassandra, Riak, Aerospike

o Programming languages like Java, C, C++, .Net, Javascript, GoLang, ErLang, Cobol etc

o Caching services like Kafka, Coherence, MQ

o Big-data like Hadoop

o Web Access Management solutions like Forgerock, Siteminder, Custom/in-house Security Frameworks

• Automate security tools and processes ensuring innovation and advancement strategies that keep pace in the areas of access control, security-in-depth, secure transaction processing, secure coding practices for web and mobile applications.
• Expert in Hadoop open source software (OSS) and has good hands-on understanding in both development and security
• Analyze and track development process, proactively monitor OSS security efforts and approach can go a long way in being prepared to handle open source security risks.
• Actively participate and work very closely with Apache CVE community (https://cve.mitre.org) and update incident response team specifically to monitor threats and vulnerabilities.
• Build automation to Integrate and orchestrate existing security tools so we can quickly resolve damaging malware infections.
• Demonstrable experience on Big data security with experience designing secure applications for Relational, NoSQL, In-Memory database(s), Hadoop, Kafka etc.
• Locating the updated version, patch, or fix to address the security risk is a time-consuming and expensive process.
• Facilitate communication with cross-functional groups.
• Work with product organization to develop secure business requirements, develop the security architecture and integrate into our longer term platform strategy.
• Define solution level security architecture for project and and conformance to Visa's security standards.
• Work directly with project development teams to enable successful project implementation applying the recommended security tools, technologies and techniques. Provide expertise to project team engineers as needed.
• Stay up to date on new security tools & techniques in the information security space.
• Conduct proof of concept activities with key business users in support of advanced use cases.
• Help business and product team to achieve various compliance certifications like PCI, FFIEC etc.
• Be responsible for overall planning, direction and oversight of multiple projects, products, services or functions.
• Identify and analyze system and application level vulnerabilities to provide recommended counter measures or mitigating controls that reduce risk to an acceptable and manageable level.
• Independently formulate direction, design or oversight for the development of major Enterprise-wide programs or plans that have significant impact on the success of the organization