Company Description
Visa is a world leader in digital payments, facilitating more than 215 billion payments transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories each year.
Our mission is to connect the world through the most innovative, convenient, reliable and secure payments network, enabling individuals, businesses and economies to thrive.
When you join Visa, you join a culture of purpose and belonging - where your growth is priority, your identity is embraced, and the work you do matters.
We believe that economies that include everyone everywhere, uplift everyone everywhere.
Your work will have a direct impact on billions of people around the world - helping unlock financial access to enable the future of money movement.
**Join Visa: A Network Working for Everyone.
**
Job Description**
The Role**
Reporting to the Head of Ecosystem Risk LAC, the _LAC Ecosystem Security Director _will execute a broad portfolio of responsibilities oriented to the LAC Data Security Ecosystem.
The full-time employee will work to manage the several Security Programs for all countries in LAC.
The Ecosystem Data Security goal is to maintain and enhance stakeholder trust in Visa by securing data across the payment system.
Visa takes a comprehensive and layered approach to payments security with a dual focus, protecting cardholder data wherever it is found in the payment ecosystem and making strategic investments in technologies that enable stakeholders to respond to compromises and prevent fraud.
The key Data Security Programs and Activities are the Payment Card Industry Data Security Standard, the Technology Innovation Program, The PIN Security Program, Third Party and Processor Risk, VisaNet Processor Risk Program, Third Party Risk and Agent Registration Program and the Approved Vendor Program.
**Key Accountabilities**
- Manage the strategy and programs oriented to the Payment Card Industry Data Security Standard (PCI DSS) for the LAC Region.
As a Founding Member of PCI, Visa maintain and evolve industry standards, which have been expanded to include PIN Transaction Security (PTS) requirements, P2PE Standards, and the Payment Application Data Security Standard (PA-DSS).
These Programs include TPA PCI DSS program, Merchant PCI DSS Program, VNP PCI DSS Program and Pin-security program
- Manage the VisaNet Processor Risk program to ensure the Visa payment system is protected from operational and financial risk associated with Visa endpoints.
Visa Rules state that a Visa client is responsible for any and all loses caused by its agents.
- Manage the Third-Party Risk program (TPA) and its registering at Visa.
The Third-Party Agent Program main function is to identify participants in the payment system and drive compliance with the Visa Rules and applicable industry standards such as PCI DSS and PCI PIN requirements.
The Third-Party Agents (TPAs) provide payment related services to Visa clients or their merchants and do not have a direct connection to VisaNet.
- Manage the Visa Approved Vendors Program.
They are third-party organizations worldwide responsible for the manufacturing, personalization, and distribution of Visa card products.
Prospective vendors seeking to participate in the Approved Vendor Program must undergo due diligence reviews.
- Manage the Visa 3DS Approved Vendors Program.
- Prepare reports that will be shared with the high management team, as well as, with all account executives in LAC demonstrating the non-compliant entities and its progress.
- Support workshops to the market about best practices, policies, processes, and controls.
- Manage relationships with issuers, acquirers, merchants, payment processors, service providers and regulators to,
- Provide stakeholder training.
- Respond to ad hoc queries, questions from entities.
- Partner with business teams to engage with clients to operate and maintain compliance with requirements.
This is a hybrid position.
Hybrid employees can alternate time between both remote and office.
Employees in hybrid roles are expected to work from the office two days a week, Tuesdays and Wednesdays with a general guidepost of being in the office 50% of the time based on business needs.
**Qualifications**:
oMore than 8 years of knowledge on card industry and payment system risk, including solid knowledge on PCI-DSS Standards.
oStrong ability to communicate (presentation speaker), collaborate and influence within a global, matrix organization.
oProfessional track record of responsibility for large, complex programs and guiding cross functional teams to complete these programs with a high level of effectiveness.
oAbility to manage multiple initiatives at once in a fast-paced entrepreneurial environment, while demonstrating grace under pressure and comfort with problem solving ambiguity.
oIntellectual curiosity with the ability to quickly grasp new payment services and develop corresponding risk