Visa – Senior Consultant Cyber Crime

This high impact, high visibility position is part of Payment Systems Intelligence – a key component of Global Risk’s Payment Fraud Disruption (PFD) initiative. PFD’s team of technology experts are vital to Visa’s efforts to identify, investigate, disrupt and prevent attacks targeting the global payment ecosystem. This Sr. Consultant role will specifically lead the development and scaling of strategies for key Payment Systems Intelligence capabilities, specifically eCommerce Threat Disruption.

This includes developing a program’s go-to-market strategy, engaging clients globally on this program, and developing future growth strategy for the program. In addition, as a key lead within the PSI team, the Sr. Consultant will identify new and novel methods that fraudsters are using to target Visa clients and the ecosystem and develop innovative approaches to disrupt emerging fraud and security vulnerabilities affecting Visa clients and the payments ecosystem.

A primary focus for this role is the Visa eCommerce Threat Disruption. This capability is one of the highlighted Differentiators in Visa’s Risk offering.  This unique, new capability has global reach to processors, merchants and acquirers and is an industry first.  eTD is a key part of Visa’s ongoing efforts to stay ahead of organized crime groups and has already received high accolades from Visa clients.

Building and leading this important offering requires advanced knowledge of payments systems, fraud techniques and malware, as well as the ability to identify and disrupt evolving attack trends.  In addition, eTD requires regular interaction with executive members of Visa’s most valued client base to discuss and advise on their most sensitive security issues.

This role requires a recognized expert with a capacity to solve unique and complex problems that have a broad impact on the business, coordinate closely with client executives, and the ability to present technical, transaction-level findings to clients and executive leadership.

This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office two days a week, Tuesdays and Wednesdays with a general guidepost of being in the office 50% of the time based on business needs.

Primary Responsibilities: eCommerce Threat Disruption

• Coordinate closely with Sr. Director PSI team lead and other colleagues to carry out eTD client engagements, to include full coordination and prioritization of eTD with Visa Regional teams and Risk Managers
• Execute eTD, ensuring that day-to-day operations operate properly, and delivery expected client results
• Manage the eTD medium sized project and associated processes, providing guidance to other employees in job area, using extensive technical principles
• Ability to work independently, under limited supervision, on problems that are undefined and significantly complex
• Ability to conduct threat research to identify emerging fraud trends and reproduce results in a simulated production environment
• Collaborate with internal and external stakeholders on various fraud issues and produce fraud mitigation strategies to include vulnerability assessments.
• Contribute to the development of functional strategy and regularly identify and recommend service improvements
• Contribute and participate in all stages of advanced fraud and cybercrime simulation, understanding and researching fraud attacks on the payments’ ecosystem from multiple phases, including planning, recon, exploitation, post-exploitation, clean up and remediation
• Independent research of threats targeting ecommerce merchants
• Technical analysis of malware targeting the ecommerce ecosystem
• Creation of malware signatures (regular expressions and Yara rules) for identified eCommerce threats.
• Work with technology to maintain and improve the malware detection capability of Visa eCommerce Threat Disruption
• Brief stakeholders on new trends, techniques, and threats in a business context

Go-To-Market Responsibilities:

• Manage the go-to-market strategy and technology development for eTD to identify and deter threat actors responsible for complex payment system fraud campaigns
• Serve a lead coordinator with Visa Risk Product, Consulting and other internal stakeholders to develop client-focused strategies for PSI capabilities, including eCommerce Threat Disruption
• Deliver best in class eTD capability in support of acquirer, merchant processor engagements

Secondary Responsibilities: Payment Systems Intelligence

• Serve as team subject matter expert in all areas involving payment fraud analysis and investigation
• Identify the extraordinary in the ordinary, pinpoint and disrupt complex fraud schemes, and manage identification and reporting of fraud attacks
• Identify emerging cybercrime and fraud techniques in a fast-paced, highly technical environment
• Understand network and system vulnerabilities and provide recommended counter measures or mitigating controls to reduce payments risk to an acceptable and manageable level
• Identify new fraud and cybercrime threats to the payments ecosystem and communicate them to relevant stakeholders
• Triage and analysis of forensic investigation reports, identification of technical correlations between the reports, and ability to develop digital infrastructure maps (domains, IPs, malware variants) of overlapping cybercrime operations.
• Provide intelligence and technical analysis support to the Investigations team during official PCI forensic investigations.
• Analyze compromised payment card data from multiple reporting sources in order to identify compromised points of purchase (merchant breaches).
• Manage attacks by combining payment intelligence findings and fraud solutions to proactively identify and resolve high-profile attacks.
• Collaborate with other key programs and team members, including Intelligence Analysis, Attack Intelligence, etc.
• Support Senior Director, Payment Systems Intelligence, as necessary
• Review new tools and products developed for clients to identify vulnerabilities. Provide risk remediations and best practices to key stakeholders during product design, development, implementation and post-implementations phases