Associate Cybersecurity Engineer, IAM(Active Directory & Cloud)

Company Description

Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid.

Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.

Job Description

The Identity and Access Management (IAM) team is responsible for securing employee access to our core applications in the most efficient, compliant, and user-friendly manner, innovatively using the latest industry standards and tools. Our goal is to become the gold standard for IAM worldwide, and we are already on our way, recently winning Oracle’s annual Identity Management Innovation award.

Visa's IAM eco-system includes an extensive, and highly customized, rich Identity Management platform implementation.  The team has successfully implemented many of the core components. With a constant moving and expending environment, the IAM team is exploring all processes and technology to expend the security coverage and improve the end user experience. With the additional features and the goal of extensive coverage comes a higher level of complexity, criticality, overall usage, and dependency on the environment.

Join a growing, fast-paced and high-performance Access Controls team. The ideal candidate for position will be a proactive and self-motivated professional who will work with other team members to manage access controls for Visa key information resources residing on multiple platforms, with a focus area in Active Directory, EntraID, Windows Servers and automation. The successful candidate will aid in the continuous improvement of the identity and access management practices looking for opportunities to automate where possible.

Essential Functions

• Provide Subject Matter Expertise (SME) over IAM practices, policies, and procedures for Active Directory, Windows Systems, and Cloud Platforms.

• Implement and enforce Identity and Access Management policies in Active Directory, ensuring access approvals, rogue access monitoring, credential strengthening and security (including passwords and keytabs), credential reuse monitoring, as well as support for the full lifecycle of identities and access.

• Govern access controls for cloud platforms, particularly Microsoft EntraID, including Privileged Identity Management (PIM), federated SSO groups, Managed IDs, and Service Principal Names (SPNs) across the entire hierarchy.

• Complete access request processing as per pre-defined procedures and within agreed Service Level Agreements (SLAs). Resolve problem tickets and assist other security analysts as needed.

• Demonstrate proficiency in scripting languages such as PowerShell or Python for the automation of IAM processes.

• Identify opportunities to automate existing manual processes using Generative AI and scripting, specifically within Access and Identity Management practices.

• Diligently document access management procedures for assigned platforms, databases, and applications. Keep the access management procedures up-to-date.

• Provide incident response and remediation for identity-related security incidents.

• Assist with developing robust monitoring and alerting mechanisms for identity and access management activities.

• Develop new management metrics and concise reporting to support IAM activities.

This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager.

Qualifications

Basic Qualification
• Bachelor’s degree, OR 3+ years of relevant work experience.

Preferred Qualifications
• 2 or more years of work experience in Cybersecurity, with a strong focus on Identity and Access Management (IAM).
• Experience with Active Directory management, including Security Groups, User Objects, GMSA's, Service Account Management and Keytabs.
• Hands on experience in managing and securing Azure environments, particularly with IAM solutions like Microsoft EntraID (formerly Azure Active Directory).
• CISSP, CCSP and/or Certification in Azure or other Cloud Platform highly desirable.
• Understand security principles such as separation of duties (SoD) and least privilege (LP)
• Experience in implementing and managing Credential Security using Azure Key Vault, AWS Secrets Manager.
• Proficient in automating repetitive IAM Processes using Generative AI and scripting languages such as PowerShell or Python to improve operational efficiency.
• Knowledge of automation tools and frameworks to streamline access management practices.
• Experience with SIEM/CIEM tools for security monitoring, incident response and identity management.

Additional Information

Work Hours: Varies upon the needs of the department.

Travel Requirements: This position requires travel 5-10% of the time.

Mental/Physical Requirements: This position will be performed in an office setting.  The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers.

Visa is an EEO Employer.  Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.  Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law, including the requirements of Article 49 of the San Francisco Police Code.

U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 95,200.00 to 134,600.00 USD per year, which may include potential sales incentive payments (if applicable). Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical, Dental, Vision, 401 (k), FSA/HSA, Life Insurance, Paid Time Off, and Wellness Program.