Lead Cybersecurity Engineer
Bengaluru, India
Visa
Das digitale und mobile Zahlungsnetzwerk von Visa steht an der Spitze der neuen Zahlungstechnologien für die neue Zahlung, elektronische und kontaktlose Zahlung, die die Welt des Geldes bildenCompany Description
Visa is a world leader in digital payments, facilitating more than 215 billion payments transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable and secure payments network, enabling individuals, businesses and economies to thrive.
When you join Visa, you join a culture of purpose and belonging – where your growth is priority, your identity is embraced, and the work you do matters. We believe that economies that include everyone everywhere, uplift everyone everywhere. Your work will have a direct impact on billions of people around the world – helping unlock financial access to enable the future of money movement.
Join Visa: A Network Working for Everyone.
Job Description
Cybersecurity is at the beating heart of our culture. Our diligence and expertise is what makes us the undisputed leader in electronic payments. We’ve made it our priority to create a top-tier Identity and Access Management team, poised to defend us against any potential cyber threats. We’re looking for those of you who are inherently driven and fascinated by the art and science of cyber defense. We’ll arm you with the very best tools and tech so that you can deliver top notch results. Development underpins job fulfillment at Visa.
As Lead Cybersecurity Engineer, you’ll be enthused by getting forefront into various payment security sector related projects. You will have the chance to work with people from a range of disciplines as well as colleagues and clients at every level.
The IAM Cybersecurity team is looking for an attentive, thoughtful, communicative, and passionate engineer to join our team. You will help us evaluate, implement, deploy and support IAM technologies that enable SSO, Authentication & Authorization for our enterprise and cloud platforms. This role will focus primarily on access management functions for Acquired Entities (AE) and CSP platforms (AWS, GCP and Azure) platforms.
Engineers typically work under the guidance of Subject Matter Expert (SME), architects, lead engineers and managers responsible for a given area this role will focus primarily on access management for CSP platforms (AWS, GCP and Azure.
Essential Functions
- Meet with business users to determine and consult on requirements and design cloud identity solutions from the ground up
- Effectively communicate business processes, security policy requirements, and technical details to a wide range of technical and non-technical individuals.
- Automate IAM access controls by developing and modifying Infrastructure As Code (IaC) scripts for configuring cloud platforms using CI/CD pipeline
- Design, build, and maintain scalable cloud infrastructure entitlements using RBAC in AWS, Azure and GCP cloud platforms
- Understand and utilize fundamental security policies and best practices to secure CSP environments
- Manage and execute BAU operational tasks for public Cloud platform (AWS, GCP, Azure)
- Manage and execute BAU operational tasks for AE platforms (Active Directory)
- Collaborate with other Cybersecurity and Operations/Infrastructure teams to provide solutions and support for Cloud platform utilizing excellent verbal and written communication skills
- Proficiency with tools used for auditing and reporting to support internal and external audits request for evidence
- Develop scripts and document procedures along with processing tickets assigned to team incident and task queue (ServiceNow) to handle operations and access requests, to make sure availability and performance SLAs are met
- Utilize SIEM tools (e.g. Splunk, Sumo Logic) to analyze security event logs, troubleshoot authentication errors, and perform root cause analysis
- Monitor KPIs and provide fulfillment for incident / access request ticketing queues to meet or exceed SLAs.
- Analyze and troubleshoot incidents by being available for on-call rotation for support.
This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office two days a week, Tuesdays and Wednesdays with a general guidepost of being in the office 50% of the time based on business needs.
Qualifications
Basic Qualifications:• 10 or more years of work experience with a Bachelor’s degree or at least 8 years of work experience with an Advanced Degree (e.g. Masters/ MBA/JD/MD) or at least 3 years of work experience with a PhD
• 5+ years of experience of implementing IAM security best practices for cloud-based infrastructure, applications, and services. Must have a hands-on experience in building and designing Cloud solutions from Cloud Service Providers like AWS, GCP and Azure
• 3+ years utilizing software configuration management (BitBucket, Jenkins) and Infrastructure as Code (Terraform)
Preferred Qualifications:
• 12 or more years of work experience with a Bachelor’s degree or 8-10 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 6+ years of work experience with a PhD
• CISSP and/or Certification in any CSP AWS, GCP or Azure highly desirable.
• Deep Identity and Access Management experience in Active Directory, AWS, GCP or Azure, including provisioning, operations and management of roles and policies with understanding of RBAC, JIT and ZTA.
• Implemented access management best practices for CSPs with administration of IAM services in CSP environments.
• Understand security principles such as separation of duties (SoD) and least privilege (LP)
• DevOps experience with understanding of REST APIs
• Understanding of cloud container service (EKS, AKS, GKE)
• General programming/scripting skills (e.g. Python, Powershell, etc)
• Supported Control Tower / Landing Zone in AWS
• A working knowledge of AD, Windows server operating systems including LDAP, Authentication, Kerberos and DNS
Additional Information
Visa has adopted a COVID-19 vaccination policy. As a condition of employment, all employees based in the country where this job is located are required to be fully vaccinated for COVID-19, unless a reasonable accommodation is approved or as otherwise required by law.* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory APIs Audits AWS Azure Bitbucket CI/CD CISSP Cloud Cyber defense DevOps DNS GCP IAM Kerberos KPIs LDAP PhD PowerShell Python Scripting SIEM SLAs Splunk SSO Terraform Windows
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs