Senior Cybersecurity Analyst

Visa is a world leader in payments technology, facilitating transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories. The role is within Cybersecurity’s Global Business‑to‑Business Identity & Access Management (B2B IAM) team, which secures access to Visa’s business portals and associated services worldwide.

• 5+ years of relevant work experience with a Bachelor’s Degree, or at least 2 years with an Advanced degree, or 0 years with a PhD, or 8+ years of relevant experience.
• Familiarity with web/application servers: Apache HTTP Server, Microsoft IIS, Apache Tomcat; exposure to NGINX or JWS is a plus.
• Knowledge of LDAP concepts and basic directory administration.
• Linux fundamentals and basic Windows Server administration.
• Experience with monitoring/logging tools such as Splunk, Elastic/Kibana, Grafana, Prometheus.
• Understanding of SSO/federation standards (SAML 2.0, OpenID Connect, OAuth 2.0) and MFA concepts.
• Working knowledge of software development practices: Git, pull requests, scripting in Shell/Python, and issue tracking in Jira.
• Strong collaboration and communication skills with globally distributed teams.
• Awareness of release/change management and safe deployment patterns.
• Preferred: Hands-on experience integrating SSO or configuring IAM platforms (ForgeRock AM/DS preferred).
• Exposure to API authentication concepts (OAuth 2.0 flows, JWT) and mTLS basics.
• Familiarity with web/security architecture fundamentals (TLS, reverse proxies, load balancers, WAF).
• Basic CI/CD and infrastructure as code exposure (Jenkins, GitHub Actions, GitLab CI, Terraform).
• Experience writing automation scripts (Shell/Python/Groovy) to reduce toil.
• Awareness of incident/change/problem management processes related to IAM operations.
• Understanding of GDPR, PCI DSS, and ISO/IEC 27001 compliance requirements.

• Support SSO integrations on ForgeRock Access Management (AM) by applying standard configurations, running integration tests, and triaging issues.
• Assist in setting up and maintaining federation using SAML 2.0, OpenID Connect, and OAuth 2.0, including managing metadata, certificates/keys, and troubleshooting.
• Contribute to authorization policy updates and build adaptive authentication trees/journeys in ForgeRock AM.
• Participate in AM environment operations, including configuration changes, hardening, and tuning.
• Validate and tune session management configurations across regions.
• Assist with ForgeRock Directory Services (DS) health checks, replication status, user/directory sync jobs, and backups.
• Maintain LDAP settings and write simple automation scripts in Shell/Python.
• Execute performance and load test plans, collect results, and identify bottlenecks.
• Deploy and manage ForgeRock web/app server agents across various servers including IIS, Apache HTTP Server, NGINX, Apache Tomcat, Node.js, and JBoss Web Server.
• Implement and support Multi‑Factor Authentication (MFA) rollouts, monitor success/error rates, and assist troubleshooting.
• Provide L2 operational support on rotation, document knowledge base articles and known-error records, and escalate issues.
• Produce and maintain clear documentation such as change records, runbooks, and build/ops notes.
• Collaborate with globally distributed teams, participate in change/release cadences, and escalate urgent issues.

Qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or protected veteran status. Visa considers qualified applicants with criminal histories consistent with EEOC guidelines and local law.