Hadoop Security Architect
- Be a product security champion by driving Security Architecture and Design/implementation/optimization for Web, API and Mobile backend applications across Visa.
- Engage in the initial requirements definition (including analysis of threats and risks and alignment with Visa security, Engineering, IT and Architecture standards.
- Conduct and facilitate security reviews, threat modelling including deep design reviews throughout the development lifecycle.
- Facilitate "table-top"/red-team/scenario analysis exercises in conjunction with other SME's; and plan the resolution of any identified vulnerabilities/issues.
- You’ll be working on enabling/building security on various platforms and technologies which protect the applications from attacks like:
o Payment processing platforms, Payment Wallet solutions, Consumer facing applications, COTS products deployed in house, public clouds, Issuer/Acquirer facing platforms and applications, white labelled solutions for partners.
o zTPF, zOS, MVS, Linux, Windows, VMWare, Openstack, SDN, Public cloud like AWS, Google
o Cybersecurity tools like IDS, SIEM, Tripwire, Tanium, Netwitness, Netflow, WAF
o HSMs, Tokenization systems, data encryption solutions from Safenet, Vormetric etc
o Web technologies like HTTP, SOAP, REST services, AJAX
o Databases like Oracle, MS SQL, Couchbase, Cassandra, Riak, Aerospike
o Programming languages like Java, C, C++, .Net, Javascript, GoLang, ErLang, Cobol etc
o Caching services like Kafka, Coherence, MQ
o Big-data like Hadoop
o Web Access Management solutions like Forgerock, Siteminder, Custom/in-house Security Frameworks
- Automate security tools and processes ensuring innovation and advancement strategies that keep pace in the areas of access control, security-in-depth, secure transaction processing, secure coding practices for web and mobile applications.
- Expert in Hadoop open source software (OSS) and has good hands-on understanding in both development and security
- Analyze and track development process, proactively monitor OSS security efforts and approach can go a long way in being prepared to handle open source security risks.
- Actively participate and work very closely with Apache CVE community (https://cve.mitre.org) and update incident response team specifically to monitor threats and vulnerabilities.
- Build automation to Integrate and orchestrate existing security tools so we can quickly resolve damaging malware infections.
- Demonstrable experience on Big data security with experience designing secure applications for Relational, NoSQL, In-Memory database(s), Hadoop, Kafka etc.
- Locating the updated version, patch, or fix to address the security risk is a time-consuming and expensive process.
- Facilitate communication with cross-functional groups.
- Work with product organization to develop secure business requirements, develop the security architecture and integrate into our longer term platform strategy.
- Define solution level security architecture for project and and conformance to Visa's security standards.
- Work directly with project development teams to enable successful project implementation applying the recommended security tools, technologies and techniques. Provide expertise to project team engineers as needed.
- Stay up to date on new security tools & techniques in the information security space.
- Conduct proof of concept activities with key business users in support of advanced use cases.
- Help business and product team to achieve various compliance certifications like PCI, FFIEC etc.
- Be responsible for overall planning, direction and oversight of multiple projects, products, services or functions.
- Identify and analyze system and application level vulnerabilities to provide recommended counter measures or mitigating controls that reduce risk to an acceptable and manageable level.
- Independently formulate direction, design or oversight for the development of major Enterprise-wide programs or plans that have significant impact on the success of the organization