Company Description|Job Description
As the world's leader in digital payments technology, Visa's mission is to connect the world through the most creative, reliable & secure payment network - enabling individuals, businesses, & economies to thrive. Our advanced global processing network, VisaNet, provides secure & reliable payments around the world, & is capable of handling more than 65,000 transaction messages a second. The company's dedication to innovation drives the rapid growth of connected commerce on any device, & fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network & scale to reshape the future of commerce.
At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, & be part of an inclusive & diverse workplace. We are a global team of disruptors, trailblazers, innovators & risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, & doing meaningful work that brings financial literacy & digital commerce to millions of unbanked & underserved consumers.
You're an Individual. We're the team for you. Together, let's transform the way the world pays.
Visa is seeking a Chief Architect, Identity & Access Management (IAM) in the Cybersecurity department to act as one of key technology leaders to build a strategic & tactical IAM architecture roadmap & collaborate with the team to execute on it from concept to production.
The Identity And Access Management (IAM) team's vision is to securely & easily connect all authorized users to the resources they need to do their work & to protect Visa from unauthorized access. The IAM mission is to protect Visa assets & the brand by expanding coverage of applications andsystems, increasing privileged access management coverage, simplifying the user experience, optimizing IAM processes, & driving to a continuously higher global security posture following a practical risk-based approach.
The IAM Chief Architect will work as a member of the Cybersecurity IAM team, & with deep & broad expertise in IAM systems & industry best practices & trends, will provide overall strategic architectural direction. The individual will perform a lead role in identification, analysis, evaluation, & adoption of IAM architectures & technologies. The IAM Chief Architect will collaborate actively with the IAM leaders & teams to ensure the right IAM solutions are successfully designed, developed, deployed & operated end-to-end from conception through production. In addition, the IAM Chief Architect will be involved with evangelizing IAM best practices, education & mentorship, development of technical architecture & standards documents, & advanced topics research.
Craft a practical architectural road map from the existing state to a target state that utilizes industry best practices, upcoming standard trends (such as Zero Trust, FIDO & biometrics), & can meet diverse requirements for security, compliance, high availability, scalability & performance,excellent user experience,and innovation.
- Architect & deliver global, large-scale IAM systems,overseeing data architecture, development & systems integration,and align complex business problems to appropriate technology solutions that deliver strong returns on investment
- Own the IAM technical standard documents for both the employee as well as customer/consumer domains
- Author & maintain the IAM reference architecture, & IAM technology standards documents
- Key contributor to the IAM strategy & road map
- Analyze & provide Point of View perspectives on complex, challenging cross-domain problems
- Collaborate with the other technology architects & leads to ensure that IAM security is properly embedded in their technology architecture
- Advise leadership on IAM issues, systems, processes, products, & services
- Maintain oversight of the design & implementation of IAM systems to ensure appropriate & effective security controls are included
- 12 years of work experience with a Bachelor's Degree; 10 years of work experience with an Advanced degree (e.g. Masters/MBA/JD/MD),or a minimum of 5 years of work experience with a PhD
- Deep interest & 10+ years practical, hands-on expertise in IAM (especiallyIAM for employees, but also IAM for customers/consumers) including current best practice & future trends such as zero trust, Cloud, mobile, API security, multi-factor authentication, container security, Hadoop, etc.
- Hands-on experience architecting, designing, developing, deploying & operating scalable IAM solutions for large multinational enterprises & within heterogeneous application server, operating system & database environments
- Very strong ability to collaborate & harvest the best ideas from the team at Visa as well as from industry, & to collaboratively negotiate priorities, to construct the best practical path forward for Visa.
- Excellent written & verbal communication skills. Should be the owner & chief editor of the IAM architecture & technical standards documents. Excellent written skills are critical for authoring precise, easy-to-read architectural standards with the proper rationale so that they can be easily followed by the rest of the organization. Excellent collaborative skills are essential to harvest the best ideas from across the team, & also to construct a practical, phased road map.
- Experience developing & authoring technical standards for IAM, strategies, architectures, & road maps
- Experience with the following:
- Deep understanding of the full IAM life-cycle including Joiners-Movers-Leavers, authentication, authorization, AD groups, & privileged access for systems & applications & enrolling applications & systems into the IAM platform
- Strong understanding of (and ability to create/influence) corporate IAM policy, modern IAM security requirements & best practices & enterprise Key Controls
- Experience on building strong authentication & access control mechanisms on Windows, Mac desktops & systems (Unix, Windows, Mainframe, Tandem) & applications
- Single-Sign-On (SSO) & federation standards such as SAML & OpenID Connect
- Multi-Factor Authentication (MFA)
- Privileged Access Management - including solutions such as Xceedium, CyberArk
- API security including standards such as OAUTH
- IAM solutions for big data platforms such as Hadoop
- Mobile application authentication & authorization
- Experience on Cloud IAM deployments (e.g., IAM to secure deployments on AWS, Azure)
- Experience on working with internal audit, compliance, pen testers & external assessors to both reactively & proactively assess & correct findings related to IAM
- Knowledge of Active Directory forest architecture, trusts, hardening concepts, LDAP, Kerberos, & integration with Linux platform & applications.
- ISO 270001, CISSPcertifications
- Ability to quickly learn & adapt to complex environments in large multinational financial service companies such as Visa & implement practical, robust IAM solutions
- Ability to construct right-sized IAM solutions for mergers & acquisitions that meet benefit/cost criteria
- Experience with SailPoint, ForgeRock, Xceedium, Citrix, etc.
- Experience with modern & existing IAM standards such as FIDO, OAuth, Open ID Connect, SAML, WS-Federation, & WS-Security; & ability to influence such standards based on enterprise needs
Incumbent must make themselves available during core business hours.
This position may require the incumbent to travel up to 10% of the time.
This position will be performed in an office setting. The position will require the incumbent to sit & stand at a desk, communicate in person & by telephone, frequently operate standard office equipment, such as telephones & computers, reach with hands & arms, & bend or lift up to 25 pounds.
Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines & applicable local law.