Associate Cybersecurity Engineer
Tink
Company Description
Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid.
Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.
Job Description
As an Associate Cybersecurity Engineer in the IAM Team, you will play a pivotal role in Visa’s global Identity and Access Management (IAM) program—a cornerstone of our cybersecurity strategy. You will focus on implementing, managing, and automating IAM solutions covering the entire identity lifecycle: from provisioning and authentication to privileged access and governance, with a strong emphasis on leveraging AI-driven automation.
This position is ideal for professionals passionate about IAM domains (Identity Governance & Administration, Privileged Access Management, Authentication & Authorization, and Access Reviews/Certifications) and hands-on experience with leading IAM technologies.
Essential Functions:
IAM Operations & Technology Management
-
Operate, administer, and optimize enterprise IAM solutions, including:
Identity Governance & Administration (IGA): SailPoint, ForgeRock, Microsoft Azure AD
Privileged Access Management (PAM): BeyondTrust, CyberArk, Password Safe, Enterprise Random Password Manager
Access Management & Federation: Okta, Azure AD, SAML, OIDC, OAuth
Directory Services: Active Directory, LDAP
Manage robust onboarding and lifecycle management of identities (workforce, privileged, application, and non-human identities) across on-premises and cloud environments.
Automate user provisioning, deprovisioning, and access certification processes using scripts, APIs, and AI-powered workflows.
IAM Governance, Risk & Compliance
Automate and validate IAM controls, evidence collection, and access reviews to ensure compliance with regulatory standards (GDPR, SOX, PCI-DSS, HIPAA).
Support audit activities by interpreting requests, compiling accurate access data, and driving remediation of IAM-related findings.
Monitor and enforce least privilege and Zero Trust access principles across all systems.
Privileged Access Security
-
Implement, manage, and maintain PAM solutions:
Secure vaulting of privileged credentials
Session management and recording
Automated password rotation and compliance reporting
Optimize and automate patching, vulnerability remediation, and compliance of PAM infrastructure.
Access Governance & Analytics
Develop and enhance AI/ML-driven analytics for access anomalies, role mining, and segregation of duties (SoD) analysis.
Integrate Gen AI and automation to detect, respond, and mitigate identity-related risks and threats.
Incident Response & Change Management
Triage and respond to IAM/PAM incidents (privilege misuse, access anomalies, identity compromise), ensuring rapid containment and recovery.
Implement change management for IAM platforms, ensuring operational continuity and security integrity.
Continuous Improvement & Collaboration
Drive continuous improvement by integrating best practices, automation, and innovative technologies into IAM workflows.
Collaborate with application owners, infrastructure, security, and compliance teams to deliver scalable, secure, and user-friendly IAM solutions.
Maintain documentation, runbooks, and knowledge base articles for operational excellence.
This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager.
Qualifications
Basic Qualifications
•Bachelor’s degree OR 3+ years of relevant work experience.
Preferred Qualifications
•2 or more years of work experience.
•1-2 years of hands-on experience in IAM domains: governance, PAM, authentication, access certification, and risk management.
•Proficiency in IAM platforms: SailPoint, ForgeRock, Okta, Beyond Trust, CyberArk, Microsoft Azure AD, or similar.
•Experience with directory services (Active Directory, LDAP) and federation protocols (SAML, OIDC, OAuth).
•Strong coding/scripting ability (Python, PowerShell, Java, Shell) for IAM automation and integration.
•Familiarity with AI/ML and Gen AI concepts as applied to IAM use-cases (access analytics, anomaly detection, process automation).
•Knowledge of industry standards and regulatory frameworks (GDPR, SOX, PCI-DSS).
•Experience with IAM auditing, access reviews, and compliance reporting.
•Understanding of Zero Trust, least privilege, and identity-centric security models.
•Excellent communication, stakeholder management, and cross-team collaboration skills.
•Relevant certifications (CISSP, CISA, CISM, or vendor-specific IAM certs) are a plus.
Technical Skills & Experience
•Hands-on administration of PAM solutions (BeyondTrust, CyberArk, Password Safe), including vaulting, session recording, and automation.
•Deep understanding of IGA processes (provisioning/deprovisioning, access certification, SoD).
•Experience in integrating IAM solutions with enterprise applications and cloud platforms.
•Exposure to ITDR (Identity Threat Detection & Response) and AI agents for identity security automation.
•Familiarity with infrastructure management, patching, and vulnerability management in IAM environments.
•Experience with API, microservices, and RESTful integrations for IAM platforms.
Additional Information
Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.