Senior Information Security - Active Directory (AD) Engineer
Working together to build a vision for the world of payments.
Find your Everywhere at Visa.
Visa's Access Management team is looking for a talented and motivated individual with strong technical skills and the ability to rapidly learn new technologies. The Access Management team is part of Visa's Global Information Security team, chartered to protect and secure Visa's Active Directory infrastructure. We specialize in providing capabilities which enable secure business solutions by providing core identity and authentication services for Active Directory and Windows Systems. Work with the best of breed identity and access management systems. We are a global origination with teams in Singapore, UK, and throughout the US. We are looking for an exceptional candidate that shares our passion for delivering solutions to complex security problems, while maximizing productivity and minimizing employee friction.
- Enhance the security posture of Visa by maintaining core Access Management designs and configurations in accordance with IT Standards. Responsible for ensuring that configuration updates comply with corporate and information security standards. Maintain accurate documentation to support detail analysis and provide give technical presentations
- Demonstrate security leadership by your interactions with stakeholders, service managers, and operational support teams to design, test, and deploy security and/or automation solutions to meet business needs
- Partner with clients and stakeholders to grow or deliver new capabilities/solutions related to Access Management for Active Directory and Windows Systems
- Analyze and improve existing solutions, streamline processes and recommend upgrades to Access Management services to improve end user experience and productivity
- Provide access management and AD/Windows Systems technical guidance by designing and deploying robust, stable, and manageable services to meet business requirements on a constant stream of new projects and technologies
- Responsible for the proactive service/system monitoring of AD and Windows privileged and elevated access, including on-call support for a 24X7 operation for any Access Management Security issue
- Participate in internal and external Audit exercises
- Position requires a Bachelor's degree or higher in an Information Technology related discipline, such as Computer Science, Electrical Engineering, or Information Technology.
- Active Directory expert with demonstrated ability in the following areas:
- Knowledge of Microsoft Active Directory and associated components (LDAP/Kerberos)
- Microsoft's Enhances Security Architecture Environment (EASE) – "Red Forest"
- Multi-Forest/Multi-Domain AD environments
- Windows Server 2008/2012/2016
- at least one AD Administration Platform (SCCM, Dell/Quest Change Auditor, Dell/Quest Active Role Server, etc.)
- at least one Password Vaulting Platform (Lieberman, Thycotic, CyberArk, etc.)
- Operating system security for Windows and Linux - internals and hardening with an emphasis on endpoint security
- Security generalist with meaningful experience in many of the following areas
- authentication methods - Kerberos, MFA/2FA, SSO, Federation, etc.
- Experience with RESTful APIs and OAuth
- Identity Management – Oracle Identity Manager, SailPoint, FIM, etc.
- Identity Management – Roles, Entitlements, JML Processes, Attestation, Compliance, etc.
- Advanced knowledge of networks, including IPv6, SDN, firewalls, network security zones, etc.
- Bachelor degree in computer science, computer engineering, information security or equivalent job experience
- CISSP, CISA, CISM and other comparative information security certifications required
- Between 5 to 7 years Information Security experience required
Global payments technology company
Company Type: Public Company
Company Size: 5,001-10,000