Staff Software Engineer - DevSecOps

Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose - to uplift everyone, everywhere by being the best way to pay and be paid.

Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.

Visa's Technology Organization is a community of problem solvers and innovators reshaping the future of commerce. We operate the world's most sophisticated processing networks capable of handling more than 65k secure transactions a second across 80M merchants, 15k Financial Institutions, and billions of everyday people. While working with us you'll get to work on complex distributed systems and solve massive scale problems centered on new payment flows, business and data solutions, cyber security, and B2C platforms.

The Opportunity:

We are looking for Versatile, curious, and energetic DevSecOps Software Engineers who embrace solving complex challenges on a global scale. As a Visa Software Engineer, you will be an integral part of a multi-functional development team inventing, designing, building, and testing software products that reach a truly global customer base. While building components of powerful payment technology, you will get to see your efforts shaping the digital future of monetary transactions.

The Work itself:

• Plan, execute, and verify changes to existing software and environments: design, build, and test changes to build scripts and deployment pipelines.

• Design, develop, and maintain CI/CD pipelines using GitHub Actions and Jenkins.

• Develop, improve, and maintain automated deployment jobs and installation scripts using common scripting languages and Linux shell.

• Define, implement, and evolve branching strategies and source-control workflows, build associated automation.

• Identify manual operational processes and proactively automate them to improve speed, reliability, and auditability.

• Support release planning for new applications, including installation script development and coordination across teams.

• Track changes per change-management practices, keep procedures and standards up to date, coordinate with internal teams and external partners.

• Remediate vulnerabilities using patch and vulnerability management solutions (e.g., Qualys, TSR), monitor systems and escalate security issues to mitigate risk.

• Review system and application vulnerabilities, recommend and implement countermeasures and compensating controls to reduce risk to acceptable levels.

• Collaborate with Cybersecurity, Application, and PenTest teams to design secure solutions and ensure compliance with internal and regulatory requirements.

• Contribute to an effective Information Security Program and ongoing security-compliance activities.

• Build strong cross-functional relationships to provide superior product and release support.

• Identify opportunities to enhance standards, processes, tooling, and developer productivity.

The Skills You Bring:

• Ability to leverage AI coding assistants (e.g., GitHub Copilot) in VS Code or IntelliJ to accelerate high-quality automation.

• Practical experience designing, developing, and maintaining CI/CD pipelines with GitHub Actions and/or Jenkins.

• Experience writing and optimizing automation for build, deployment, and ops tasks using shell scripting and Linux commands.

• Experience with containers and orchestration: Docker and Kubernetes.

• Experience with Git and Artifact management (e.g., Artifactory, Docker Trusted Registry).

• Familiarity with IBM zCX Linux operating system to support Infra build from scratch including developing CI/CD pipelines.

• Exposure to patch and vulnerability management (e.g., Qualys, TSR) and applying Linux (RHEL) and Windows OS patches.

• Should have knowledge of building pipelines for various codebases such Java, Node.js, Python and C/C++ to support build/deploy automation.

• Understanding of build tools and package managers: Maven, Gradle, Conan, Make, NPM.

• Basic knowledge of networking concepts (load balancers, firewalls, connectivity checks) and REST APIs.

• Experience utilizing code scanning/SCA tools (e.g., Checkmarx, Sonatype Nexus, Black Duck) within CI/CD.

• Experience with AWS and OpenShift, including vulnerability remediation in those environments.

• Understanding of Spring Boot apps, Node Package Manager workflows, and JBoss Web Server (JWS) setup.

• Experience handling TLS Certificate renewals and deployment to servers/clusters.

• Familiarity with caching technologies (Hazelcast, Redis) and messaging tech such as Kafka or IBM MQ.

• Understanding of scheduling/monitoring with Control M or Crontab

• Ability to generate builds for C/C++ for multiple platforms/architectures (e.g., x86, s390x, Ubuntu).

This is a hybrid position. Expectation of days in office will be confirmed by your Hiring Manager.

Basic Qualifications:

5+ years of relevant work experience with a Bachelor's Degree or at least 2 years of work experience with an Advanced degree (e.g. Masters, MBA, JD, MD) or 0 years of work experience with a PhD, OR 8+ years of relevant work experience.

Preferred Qualifications:

6 or more years of work experience with a Bachelors Degree or 4 or more years of relevant experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or up to 3 years of relevant experience with a PhD

Experience as a DevSecOps Software Engineer with extensive expertise in designing and architecting enterprise-level infrastructure and applications.

Experience with containers and orchestration: Docker and Kubernetes.

Experience with Git and Artifact management (e.g., Artifactory, Docker Trusted Registry).

Should have knowledge of building pipelines for various codebases such Java, Node.js, Python and C/C++ to support build/deploy automation.

Experience with AWS and OpenShift, including vulnerability remediation in those environments.

Work Hours: Varies upon the needs of the department.

Travel Requirements: This position requires travel5-10% of the time.

Mental/Physical Requirements: This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers.

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law, including the requirements of Article 49 of the San Francisco Police Code.

U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 124,700.00 to 180,650.00 USD per year, which may include potential sales incentive payments (if applicable). Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical, Dental, Vision, 401 (k), FSA/HSA, Life Insurance, Paid Time Off, and Wellness Program.