Information security is foundational to Visa’s culture and critical to our leadership in electronic payments. This role sits within Cybersecurity’s Global Business‑to‑Business Identity & Access Management (B2B IAM) team, which secures access to Visa’s business portals and associated services worldwide. You will design, implement, and operate IAM solutions—primarily on ForgeRock—aligned to an evolving threat landscape, regulatory obligations, and enterprise architecture. You will partner closely with Operations, Database, and Middleware Engineering to meet or exceed SLA and availability targets while supporting compliance with GDPR, PCI DSS, and ISO/IEC 27001.
Essential Functions
· Support SSO integrations on ForgeRock Access Management (AM): apply standard configs, run integration tests, and triage issues under guidance.
· Assist in setting up and maintaining federation using SAML 2.0, OpenID Connect, and OAuth 2.0 (manage metadata, certificates/keys, and basic troubleshooting with logs).
· Contribute to authorization policy updates and help build adaptive authentication trees/journeys in ForgeRock AM using approved patterns and templates.
· Participate in AM environment operations: follow runbooks to apply configuration changes, perform basic hardening/tuning in non‑production, execute supervised changes in production.
· Help validate and tune session management configurations across regions in test, raise risks and anomalies promptly.
· Assist with ForgeRock Directory Services (DS): routine health checks, replication status verification, user/directory sync jobs, and backups following SOPs.
· Maintain LDAP settings (password policies, ACIs) and write simple automation scripts (Shell/Python) for repetitive tasks.
· Execute performance and load test plans created by senior engineers, collect results and highlight bottlenecks.
· Deploy and manage ForgeRock web/app server agents via standard procedures across IIS, Apache HTTP Server, NGINX, Apache Tomcat, Node.js, and JBoss Web Server (JWS)—initially in test, then production with oversight.
· Implement and support Multi‑Factor Authentication (MFA) rollouts, monitor success/error rates and assist with troubleshooting.
· Provide L2 operational support on rotation, document KB articles and known‑error records, escalate appropriately.
· Produce clear documentation (change records, runbooks, build/ops notes) and keep them current.
· Collaborate effectively with globally distributed teams and participate in change/release cadences, make timely, well‑informed recommendations and escalate urgent issues.
This is a hybrid position. Expectation of days in office will be confirmed by your Hiring Manager.