Staff Info. Security Engineer ( Active Directory )
As the world's leader in digital payments technology, Visa's mission is to connect the world through the most creative, reliable and secure payment network - enabling individuals, businesses, and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company's dedication to innovation drives the rapid growth of connected commerce on any device, and fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce.
At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, and be part of an inclusive and diverse workplace. We are a global team of disruptors, trailblazers, innovators and risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, and doing meaningful work that brings financial literacy and digital commerce to millions of unbanked and underserved consumers.
You're an Individual. We're the team for you. Together, let's transform the way the world pays.
The IAM Cybersecurity team is looking for a Cybersecurity Engineer to help us architect, engineer, deploy and manage our Global Active Directory Services.
We are searching for a passionate engineer to join our team to help us evaluate, implement, deploy and support IAM technologies that enable SSO, Authentication & Authorization for our enterprise applications. The motivated candidate should have a firm understanding Active Directory Services, LDAP, Kerberos, ADFS, SSO/Federation, Security fundamentals, network devices such as load balancers and firewalls. Additionally, he/she should have a working knowledge of windows server operating systems. Engineers typically work under the guidance of SME lead engineers and managers responsible for a given area.
- Help engineer, deploy & manage Active Directory Services in a globally distributed environment.
- Excellent troubleshooting skills with Active Directory: Able to solve AD issues and also troubleshoot connectivity issues with AD.
- Integrate applications, network devices and systems with AD for authentication and directory services.
- Collaborate with other teams within IAM and provide solution and support for AD & Windows Server technologies.
- Develop security standards for Active Directory and related technologies.
- Maintain software and OS levels to the latest standards.
- Monitor the infrastructure to make sure availability and performance SLA’s are met.
- Monitor and maintain tools used for Monitoring, Auditing, Reporting and Backup.
- Partner with Architects, Engineers and Operations individuals across a variety of services and infrastructure organizations to resolve issues, provide technical feedback, and to contribute to the overall architecture direction.
- Analyze and isolate problems and issues while leading problem bridges while being available for 3rd level on call support when needed.
- Enhance and improve existing infrastructure through automation and reporting.
- Collaborate effectively with a team, utilizing excellent verbal and written communication skills.
- Successfully deliver projects, meet project milestones, and communicate issues/risks appropriately.
- Develop and document policies, procedures, and associated training plans for systems administration and operations teams.
- Take handoff of problems from SME leads and work them independently to root cause.
- Own Root Cause Analysis and Problem Management for corporate Identity Management environment.
- Create and maintain system documentation for domain technologies, including installation, configuration, and appropriate troubleshooting steps.
- Improve existing processes through solutions to recurring problems and enhancements to existing solutions or documentation.
- 5-7 years relevant experience for Sr. Cybersecurity Engineer with a Bachelor's Degree in Computer Science or a relevant discipline
- 1-3 years’ experience strong technical knowledge and experience with planning, deploying and maintaining Active Directory services in the enterprise-level environment
- Strong technical knowledge of LDAP, Authentication, Kerberos, DNS and windows security in general.
- Strong technical knowledge and experience with Microsoft Windows server OS
- Experience with Windows and Mac Desktop Operating Systems
- Must have deep and thorough understanding of monitoring best practices, preferably with Microsoft System Center Operation Manager (SCOM)
- Experience troubleshooting AD, Kerberos, LDAP application connectivity issues
- Experience with Wireshark or Network Monitor or similar tools
- Thorough understanding of Windows Server Security (IPSec, NTLM, UAC, Windows Firewalls, etc.)
- Strong understanding of PKI technologies
- Self-motivated, with keen attention to detail and excellent judgment skills
- Excellent communication skills
- Good PowerShell scripting skills
- Experience documenting and maintaining configuration and process information
- Excellent client service delivery with a focus on the end user experience
- Experience with Quest AD tools (ARS, Change Auditor, and RMAD)
- Good understanding of MDM, AAA and MFA
- Strong technical knowledge of IIS & SQL
- Experience with ESAE
- Strong technical knowledge of ADFS, Azure AD/AWS, AD Connect and Federation
- Incumbent must make themselves available during core business hours.
- Requires availability to meet with teams in Asia Pacific at least twice weekly
- This position does not require the incumbent to travel.
- This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds.
Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.