Currencycloud was acquired by Visa in December 2021 and forms part of Visa Cross Border Solutions (VXBS). At Currencycloud, you can work from home, or visit our offices in London, Cardiff or Amsterdam. You'll need to be based in either the UK or Netherlands for this role, and have the necessary work permissions.

Information security is an integral part of Visa's corporate culture. It is essential to maintaining our position as an industry leader in electronic payments, which is why Visa has made it a priority to create top-tier security operations and incident response teams to defend the company against evolving cyber threats. If you would like to join a company where security is truly valued, where you can work with like-minded peers who are passionate about the art & science of cyber defense then we have a home for you.

The successful candidate will be an industry-level Senior SOC Analyst with a continued specialism in Cloud, having worked in a highly regulated environment and experience of analysis with multiple monitoring tools and query languages. The team you will join is part of a larger Security Team and Organization located across multiple geographical sites that are responsible for the comprehensive cyber defense of Visa and its subsidiaries.

Responsibilities:

• Monitor Information Security alerts using Security Information and Event Management (SIEM) to triage, mitigate, and escalate issues as needed while capturing essential details and artifacts.

• Utilize sensor telemetry data and correlated logs to establish context of an alert and rule out false positives.

• Perform analysis of security alerts to evaluate true positive malicious risks to the business, determine containment action, and identify required preventative measures, documenting your findings throughout within the Incident Management System.

• Document Tuning and Detection Opportunities, turning them into operational alerting.

• Mitigate and contain identified threats using approved incident response methodologies.

• Provide subject matter expertise as an escalation point for security incidents to ensure proper assessment, containment and mitigation is taken. Collaborate with operational support teams to ensure they are actively engaged in addressing security threats and impact to the business.

• Be a technical lead contributor to high-severity incident response efforts which involve multiple teams to reach prompt containment, primarily aiding in incident analysis and reporting. 

• Provide peer support to improve the technical capabilities of fellow SOC Analysts.

• Perform threat hunting using defined procedures and alert trend analysis to find inconspicuous threats. Identify trends, potential new technologies, and emerging threats which may impact the business.

• Operationalize actionable Threat Intelligence reports from internal and external sources.

• Assist with the security monitoring enrollment process to ensure adequate coverage and effectiveness of all new and existing cloud and on-premise based applications, services and platforms.

• SIEM Operations: comprehensively test and refine SIEM, experience with Sumologic, Datadog and similar tooling

• Work in collaboration with teams within Cybersecurity to identify detection and response gaps to improve.

• Develop and review Incident Response Playbooks, SOPs and Alert Runbooks, to streamline the incident response efforts.

• Work with colleagues in other technology departments as well as the business and product offices to establish effective, productive business relationships.

• Participation in an OOH On-Call Rota, 1 week in a team of 4.