The IAM Cybersecurity team is searching for an attentive, thoughtful, communicative and passionate engineer to join our team to enhance our security posture for LDAP and Unix systems access management via the design, implementation, and execution of IAM controls.
Seeking individuals with Unix System Administration (SA) background, LDAP expertise, extensive IAM knowledge, strong Access Management fundamentals, and experience in RBAC (Roles Based Access Control) to re-engineer and re-design Visa’s Unix Access Model.
Working with other Subject Matter Expert (SME), architects, lead engineers and managers responsible for a given area; this role will focus primarily on Unix/LDAP access management but will also provide support for Public Cloud platforms (AWS, GCP and Azure), Containerization or AD/Unix integration.
- Manage and execute BAU (Business As Usual) operational tasks related to Unix and LDAP access management.
- Enhance and improve existing BAU processes through automation (scripting/orchestration – Ansible, Cloudview, Jenkins, etc.), integration with IAM tools (SailPoint) or reporting (Tableau, PowerBI, ServiceNow CMDB, MSSQL etc.).
- Unix/LDAP Access Attestation and Audit Support
- Mentor and Team SME for Unix and LDAP, responsible for the technical aspects of designing and implementing IAM best practices.
- SME representing IAM Access Management on various project team for major initiatives, ensuring IAM guidelines and best practices are followed.
- Experience in operatizing projects and IAM System tools.
- 8 or more years of relevant work experience with a Bachelor’s Degree or at least 5 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD
- 9 or more years of relevant work experience with a Bachelor’s Degree or 7 or more relevant years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 3 or more years of experience with a PhD
- 5 years of implementing IAM security best practices for infrastructure, applications, and services using automation
- 6-8 years relevant experience as a Unix System/User Administrator
- CISSP / CCSP/ AWS / Azure certified professional preferred
- LDAP – advanced LDAP queries, extract data from LDAP for reporting, use LDIF file to make changes to LDAP, use of LDAP Administration tool
- Experience in designing, implementing and supporting identity management for Unix and LDAP system
- Experience with LDAP - UNIX privilege access management – i.e. Sudo, Key based Access, Password Vaulting/Integration
- Identity Management experience, including provisioning, operations and management of roles and policies
- Thorough understanding of access management best practices
- Understand and administer identity and access management services, tools and features in public cloud provider environments
- Understand basic security principles such as separation of duties (SoD) and least privilege (LP)
- DevOps experience with understanding of REST APIs
- Understanding of cloud container service (EKS, AKS, GKE)
- A strong desire to work with new and upcoming technologies
- General programming/scripting skills (e.g. Python, PowerShell, etc)
Work Hours This position requires the incumbent to be available during core business hours.
Travel Requirements This position requires the incumbent to travel for work less than 10% of the time.
Mental/Physical Requirements This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds.
Visa will consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
Due to the COVID-19 pandemic and the evolving visa/travel restrictions in place, we are currently only able to extend offers to candidates with the right to work in Singapore. We are keeping the situation under close review and will adjust accordingly should the restrictive measures be lifted.
Job Number: REF002219W