As the world's leader in digital payments technology, Visa's mission is to connect the world through the most creative, reliable and secure payment network - enabling individuals, businesses, and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company's dedication to innovation drives the rapid growth of connected commerce on any device, and fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce.

At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, and be part of an inclusive and diverse workplace. We are a global team of disruptors, trailblazers, innovators and risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, and doing meaningful work that brings financial literacy and digital commerce to millions of unbanked and underserved consumers.

You're an Individual. We're the team for you. Together, let's transform the way the world pays.

The IAM Cybersecurity team is searching for an attentive, thoughtful, communicative and passionate engineer to join our team to enhance our security posture for LDAP and Unix systems access management via the design, implementation, and execution of IAM controls. 

Seeking individuals with Unix System Administration (SA) background, LDAP expertise, extensive IAM knowledge, strong Access Management fundamentals, and experience in RBAC (Roles Based Access Control) to re-engineer and re-design Visa’s Unix Access Model.

Working with other Subject Matter Expert (SME), architects, lead engineers and managers responsible for a given area; this role will focus primarily on Unix/LDAP access management but will also provide support for Public Cloud platforms (AWS, GCP and Azure), Containerization or AD/Unix integration.

Essential Functions 

• Manage and execute BAU (Business As Usual) operational tasks related to Unix and LDAP access management.
• Enhance and improve existing BAU processes through automation (scripting/orchestration – Ansible, Cloudview, Jenkins, etc.), integration with IAM tools (SailPoint) or reporting (Tableau, PowerBI, ServiceNow CMDB, MSSQL etc.).
• Unix/LDAP Access Attestation and Audit Support
• Mentor and Team SME for Unix and LDAP, responsible for the technical aspects of designing and implementing IAM best practices. 
• SME representing IAM Access Management on various project team for major initiatives, ensuring IAM guidelines and best practices are followed.
• Experience in operatizing projects and IAM System tools.

Basic Qualifications:

• 8 or more years of relevant work experience with a Bachelor’s Degree or at least 5 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD

Preferred Qualifications:

• 9 or more years of relevant work experience with a Bachelor’s Degree or 7 or more relevant years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 3 or more years of experience with a PhD
• 5 years of implementing IAM security best practices for infrastructure, applications, and services using automation
• 6-8 years relevant experience as a Unix System/User Administrator
• CISSP / CCSP/ AWS / Azure certified professional preferred
• LDAP – advanced LDAP queries, extract data from LDAP for reporting, use LDIF file to make changes to LDAP, use of LDAP Administration tool
• Experience in designing, implementing and supporting identity management for Unix and LDAP system
• Experience with LDAP - UNIX privilege access management – i.e. Sudo, Key based Access, Password Vaulting/Integration
• Identity Management experience, including provisioning, operations and management of roles and policies
• Thorough understanding of access management best practices
• Understand and administer identity and access management services, tools and features in public cloud provider environments
• Understand basic security principles such as separation of duties (SoD) and least privilege (LP)
• DevOps experience with understanding of REST APIs
• Understanding of cloud container service (EKS, AKS, GKE)
• A strong desire to work with new and upcoming technologies
• General programming/scripting skills (e.g. Python, PowerShell, etc)

Work Hours This position requires the incumbent to be available during core business hours.

Travel Requirements This position requires the incumbent to travel for work less than 10% of the time.

Mental/Physical Requirements This position will be performed in an office setting.  The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds. 

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Due to the COVID-19 pandemic and the evolving visa/travel restrictions in place, we are currently only able to extend offers to candidates with the right to work in Singapore. We are keeping the situation under close review and will adjust accordingly should the restrictive measures be lifted.