Associate Cybersecurity Engineer – Intern

Job Description

Visa’s Internship Program provides an immersive, 12-week journey where you’ll work on impactful projects that drive Visa’s mission forward. As a Visa intern, you’ll build valuable connections across the organization, sharpen your communication and business acumen, and gain hands-on experience in a dynamic, global environment. 

Throughout the program, you’ll have exclusive access to interactive workshops and learning sessions designed to deepen your expertise, expand your industry knowledge, and elevate your professional skillset. You won’t just be learning, you’ll be contributing, collaborating, and innovating every step of the way. In addition to professional development, you’ll enjoy a variety of intern social events that foster community, connection, and fun throughout the summer. 

The experience culminates in an exciting final presentation, where you’ll showcase your project achievements, share key insights, and present your recommendations to Visa’s leaders and stakeholders. This is your chance to demonstrate your business impact, highlight your personal growth, and align your work with Visa’s vision for the future. 

Join Visa's world-class Cybersecurity department and gain unparalleled experience across a variety of critical security domains. This internship program is designed for passionate and driven individuals eager to contribute to Product Security Architecture, Identity and Access Management (IAM), or Mobile & Mac Security. As an intern, you will help proactively identify and mitigate security weaknesses, secure employee and customer access to critical applications, and perform ethical hacking to protect Visa’s products and services.

This role offers the chance to work in a dynamic, fast-paced environment that operates like a startup within our global organization. We are looking for innovators who are excited to research and apply cutting-edge AI models to solve complex cybersecurity challenges.

Some job duties may include:

• Security Architecture & Penetration Testing:

  • Act as a security champion by contributing to the security architecture, design, and implementation for web, API, mobile, and Mac applications.
  • Perform ethical penetration testing on Visa's mobile and Mac assets to simulate real-world attacks and identify vulnerabilities.
  • Conduct and facilitate security reviews, threat modeling, and deep design reviews throughout the development lifecycle.
  • Identify weaknesses in Visa's security posture and recommend controls to protect assets and services.

• Identity & Access Management (IAM):

  • Support the development, operation, and maintenance of Visa's complex IAM ecosystem, including platforms like SailPoint.
  • Analyze IAM-related incidents, document root causes, and recommend effective remediation solutions.

• Innovation, AI & Automation:

  • Innovate and research AI models and their applications to solve real-world cybersecurity problems.
  • Develop AI-driven workflows and benchmark AI use-cases for security activities.
  • Develop, maintain, and innovate on internal cybersecurity tools, scripts, and processes to optimize testing and security-in-depth.
  • Assist with building alerting and monitoring solutions, potentially leveraging GenAI.

• Collaboration & Analysis:

  • Write and optimize SQL queries for data analysis and reporting.
  • Collaborate closely with Management, Development, and Quality Assurance teams to communicate issues and propose solutions.
  • Help build foundational application security capabilities across the organization.

Qualifications

Basic Qualifications 

• Students pursuing a Bachelor’s degree in Computer Science, Computer Engineering, CIS/MIS, Cybersecurity, Business or a related field, with a graduation date in December 2026-August 2027
• Strong communications skills, specifically, the absence of repeated grammatical or typographical errors, clear and concise written and spoken communications that demonstrate professional judgment.  

Preferred Qualifications 

• Proficiency in at least one programming language or technology including, but not limited, to Java, C/C++, C#, .NET, Python, Javascript, HTML, SQL
• Experience with Write utilities / automation tools using Selenium, Java, REST, Python, Groovy, and more 
• Development skills with experience in secure coding and application security.
• Knowledge or understanding of security architecture principles and best practices.
• Familiarity with OWASP Top 10, SANS Top 25, and threat modeling frameworks.
• Knowledge of cryptographic concepts and secure communication protocols.
• Understand the basics of a mobile application and platform security concepts; deep understanding of those platforms, and advanced concepts related to SDKs and mobile wallets preferred.
• Knowledge of penetration testing is a plus but not necessary if you’re willing to learn with us and are curious. Things like application risk assessment and risk categorization skills, including but not limited to, reverse-engineering, network interception and manipulation, offensive and defensive attacks, as well as database and cross-site scripting injection attacks are all topics that are useful.
• Experience or exposure with penetration testing tools such as Burp Suite, Nmap, Nessus, and Kali.
• Proficiency in one or more scripting languages (Python, Bash, etc.).
• Experience or knowledge in PL/SQL queries
• Understanding of networking fundamentals, OSI model, and TCP/IP stack.
• Awareness of cloud security principles (AWS, Azure, or GCP security best practices).
• Operating system familiarity – Windows, Linux, macOS account management.
• Ability to use GenAI to build agents for alerting and reporting
• Understanding of web applications common architectures, basic cryptography, and web protocols.
• Understanding of the following tools/technologies should apply, and would be strongly preferred: Burp Suite, IDA pro, Metasploit, APKTool, Hopper, Gindra, CheckMarx (Sast/Dast), Cycript, XPosed, Charles, dex2jar, Kali Linux, Wireshark or any mobile security and/or penetration testing tools or frameworks.
• Incident handling basics – responding to access-related tickets.
• Basic troubleshooting – resolving login errors, permissions issues.
• Strong ability to collaborate 
• Highly driven, resourceful and results oriented 
• Good team player and excellent interpersonal skills 
• Good analytical and problem-solving skills 
• Demonstrated ability to lead and navigate through ambiguity