As the world's leader in digital payments technology, Visa's mission is to connect the world through the most creative, reliable and secure payment network - enabling individuals, businesses, and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company's dedication to innovation drives the rapid growth of connected commerce on any device, and fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce.

At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, and be part of an inclusive and diverse workplace. We are a global team of disruptors, trailblazers, innovators and risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, and doing meaningful work that brings financial literacy and digital commerce to millions of unbanked and underserved consumers.

You're an Individual. We're the team for you. Together, let's transform the way the world pays.

B2B IAM is a Security development team within the Visa Cybersecurity Technology Team. This group is responsible for building leading edge Identity & Access Management solutions for our customers. We are a group of bright, motivated engineers and technical managers passionate about building the next generation of security products that protect and secure Visa assets worldwide. 

Essential Functions

• Deep understanding of web applications integration for single sign on using ForgeRock
• Setting up federation agreements using SAML 2, OpenID and OAuth protocols
• Setting up authorization policies and configuring authentication chains in OpenAM 6.0
• Installation and configuration of OpenAM
• Deep understanding of session management across geographically distributed locations.
• Installation and configuration of ForgeRock LDAP
• Deep understanding of replication and user directory synchronization
• Good knowledge of OpenID connect and OAuth protocols
• Setting up LDAP password policies and ACIs using custom scripts
• Familiarity with all different flavors of web servers and app servers including IIS, Apache, MGINX, Apache Tomcat and Node.js
• Installation of configuration of ForgeRock agents on web servers and app servers
• Demonstrate ability to work in a complex organization to determine business and customer needs, providing the best solution to meet those needs
• You will work closely with Operations, database, and middleware engineering teams to maintain high system up time according to agreed SLA
• Operate with little supervision and oversight.
• You will work effectively with teams spread across different time zones

Basic Qualifications

• B.S. degree with 7+ years or M.S. degree with 6+ years of experience in managing global enterprise wide platform solutions
  • Knowledgeable and working experience with Http web servers, Apache, IIS, Tomcat, JWS,
  • Knowledgeable and working experience with LDAP technologies
  • Knowledgeable and working experience with Linux & Windows operating systems
  • Knowledgeable and working experience with application system and performance monitoring software tools
• Able to work with cross-functional teams from different geographic locations globally. Understand various development methodology, including waterfall and Agile/Scrum
• Proven track record of executing and driving result in a collaborative and thoughtful manner
• Experience in capacity planning, performance tracking and measurement (KPI)
• Excellent verbal and written communication skills
• Understands release managements and familiar with tools like Jira

Preferred Qualifications

• Familiarity with various industry audit/security standards including PCI-DSS, NIST and FFIEC
• Strong knowledge of web-based 3-tier application and security architecture. Good knowledge of overall network architecture including firewalls, load balancer and WAF
• Knowledge and working experience of API authentication and authorization 
• Known for building and growing first class engineering team
• The position and incumbent must be based in Austin; we prefer not to provide to relocation assistance in connection with this position
• Authorization to work in the U.S.; we prefer not to sponsor applicants for work visas in connection with this position. 

Position Location & Work Authorization: 

• The position and incumbent must be based in Austin; we prefer not to provide to relocation assistance in connection with this position
• Authorization to work in the U.S.; we prefer not to sponsor applicants for work visas in connection with this position. 

Work Hours:

• Incumbent must make themselves available during core business hours. 

Travel Requirements: 

• This position requires the incumbent to travel for work 0-5% of the time.

Mental/Physical Requirements: 

• This position will be performed in an office setting.  The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds. 

Visa is an EEO Employer.  Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.  Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.