Cybersecurity Engineer

Job Description Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose to uplift everyone, everywhere by being the best way to pay and be paid. Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa. Job Description The Identity and Access Management (IAM) team is responsible for securing employee access to our core applications in the most efficient, compliant, and user-friendly manner, innovatively using the latest industry standards and tools. Our goal is to become the gold standard for IAM worldwide, and we are already on our way, recently winning Oracle's annual Identity Management Innovation award. Visa's IAM eco-system includes an extensive, and highly customized, rich Identity Management platform implementation. The team has successfully implemented many of the core components. With a constant moving and expending environment, the IAM team is exploring all processes and technology to expend the security coverage and improve the end user experience. With the additional features and the goal of extensive coverage comes a higher level of complexity, criticality, overall usage, and dependency on the environment. Join a growing, fast-paced and high-performance Access Controls team. The ideal candidate for position will be a proactive and self-motivated professional who will work with other team members to manage access controls for Visa key information resources residing on multiple platforms, with a focus area in Active Directory, EntraID, Windows Servers and automation. The successful candidate will aid in the continuous improvement of the identity and access management practices looking for opportunities to automate where possible. Essential Functions: - Provide Subject Matter Expertise (SME) over IAM practices, policies, and procedures for Active Directory, Windows Systems, and Cloud Platforms. - Implement and enforce Identity and Access Management policies in Active Directory, ensuring access approvals, rogue access monitoring, credential strengthening and security (including passwords and keytabs), credential reuse monitoring, as well as support for the full lifecycle of identities and access. - Govern access controls for cloud platforms, particularly Microsoft EntraID, including Privileged Identity Management (PIM), federated SSO groups, Managed IDs, and Service Principal Names (SPNs) across the entire hierarchy. - Complete access request processing as per pre-defined procedures and within agreed Service Level Agreements (SLAs). Resolve problem tickets and assist other security analysts as needed. - Demonstrate proficiency in scripting languages such as PowerShell or Python for the automation of IAM processes. - Identify opportunities to automate existing manual processes using Generative AI and scripting, specifically within Access and Identity Management practices. - Diligently document access management procedures for assigned platforms, databases, and applications, keep the access management procedures up to date. - Provide incident response and remediation for identity-related security incidents. - Assist with developing robust monitoring and alerting mechanisms for identity and access management activities. - Develop new management metrics and concise reporting to support IAM activities. - Flexibility to work after hours and weekends to accommodate and support the existing servers/ applications maintenance windows when required. This is a hybrid position. Expectation of days in the office will be confirmed by your Hiring Manager. Qualifications Basic Qualifications: 2+ years of relevant work experience and a Bachelors degree, OR 5+ years of relevant work experience Preferred Qualifications: 3 or more years of work experience with a Bachelor's Degree or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) Bachelor's degree in computer science, information security or equivalent job experience. 5 - 7 years of hands-on experience in Cybersecurity, with a strong focus on Identity and Access Management (IAM). CISSP, CCSP and/or Certification in Azure or other Cloud Platform highly desirable. Experience with Active Directory management, including Security Groups, User Objects, GMSA's, Service Account Management and Keytabs. Hands on experience in managing and securing Cloud environments, particularly with IAM solutions like Microsoft EntraID (formerly Azure Active Directory). Good analytical and troubleshooting skills on all platforms and tools supported. Understanding of information security principles and IT infrastructure including operating systems, applications, communications and network protocols. The ability to work effectively with other functional areas and understand the operational and cultural issues relevant to achieving superior results. Must be flexible and able to manage multiple tasks and priorities on very tight deadlines. Be a self-motivated and results oriented individual with an attention to driving aggressive project timelines and schedules. Ability to work independently and in collaboration with others to achieve a high level of success. Strong interpersonal and collaboration skills with the ability to develop, maintain and foster constructive relationships with others. Dynamic, hard-working and ambitious individual, with excellent oral and written communication skills. Understand security principles such as separation of duties (SoD) and least privilege (LP). Experience in implementing and managing Credential Security using Azure Key Vault, AWS Secrets Manager. Proficient in automating repetitive IAM Processes using Generative AI and scripting languages such as PowerShell or Python to improve operational efficiency. Knowledge of automation tools and frameworks to streamline access management practices. Experience with SIEM, CIEM tools for security monitoring, incident response and identity management. Additional Information Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.