Cybersecurity Engineer – Regulatory, Audit, and Compliance- Local

Cybersecurity Engineer – Regulatory, Audit, and Compliance
- Local Candidates Only

This Cybersecurity Engineer position will serve as part of Visa's Cybersecurity Regulatory, Audit and Compliance function within the Cybersecurity Governance Risk and Compliance (GRC) team, reporting to Director/Sr. Director. This position will provide oversight, coordination, and deliver the activities that support successful internal audits, external audits and compliance, regulatory activities, and external customer/client requests while effectively balancing the individual elements of these activities.

In addition, you will be building, implementing, and optimizing Governance, Risk, and Compliance (GRC) tools and solutions for our team. This role translates regulatory and audit requirements into scalable, automated technical workflow enabling efficiency and operational excellence.

• Provide oversight, coordination, and delivering the activities that support successful internal audits, external audits and compliance, regulatory activities, and external customer/client requests.
• Assist with validating the ongoing effectiveness of Cybersecurity controls across Visa (both automated and manual), working with a variety of control owners within the Cybersecurity organization, and evaluating control design and standards in a variety of program areas.
• Collaborate with Cybersecurity, Technology, Compliance, Audit, and HRIS teams to automate manual compliance and control tasks for ongoing audit readiness.
• Continuously identify, assess, and implement modern tooling — including AI/ML — to drive greater automation, efficiency, and risk reduction across the Regulatory, Audit and Compliance landscape.
• Build intuitive dashboards and reporting capabilities for stakeholders, providing real‑time visibility into the risk and compliance posture of critical business systems.
• Influence beyond immediate team and with those of more experience/seniority.
• Update Cybersecurity leadership on the status of technology risk and compliance issues based on assessment results and information from various monitoring and control systems.

This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager.

• 2+ years of relevant work experience and a Bachelors degree, OR 5+ years of relevant work experience.

• 3 or more years of work experience with a Bachelor’s Degree or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD).
• Bachelor’s degree in computer science, Information Systems, Management Information Systems, or Business Administration or another related field.
• Significant and relevant technical experience meeting the job description may be substituted for degree requirements.
• 3-5 years of work experience in Information Security, Audit, Risk, and/or Compliance.
• Open to experience in other relevant fields (e.g., finance, business administration, information technology, etc.) if candidate can demonstrate relevancy to this Information security-based role.
• 2+ years direct participation and experience across common industry security policy areas, including, but not limited to ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE
  16/ISAE
  3402, SOC 2 and others.
• Proficiency in agentic AI frameworks and multi‑agent orchestration.
• Skills in Python or similar scripting languages for building automation scripts.
• Ability to synthesize a variety of data points, problem solve and formulate comprehensive and effective execution and risk mitigation plans.
• Exceptional communication skills, both written and verbal to support compliance and certification audits.
• Must be extremely flexible and able to manage multiple tasks and priorities on very tight deadlines.
• Experience in Audit/Compliance/Regulatory discussions and proactive readiness activities in a large global financial institution or a matrix organization.
• Strong understanding of natural language processing (NLP) for interpreting unstructured data (emails, PDFs, chats).
• Experience with LLM‑based architecture, Model Context Protocol (MCP), and Agent‑to‑Agent Protocol (A2A).
• Hands‑on experience with AI‑powered…