Senior Solutions Architect - Identity and Access Management

Resource Solutions Visa
United Kingdom
11 Nov 2017
17 Nov 2017
Contract Type
Full Time
Sr. Solutions Architect - Identity and Access ManagementVisa is looking for an experienced security architect with broad and deep knowledge of Identity and Access Management to join the IAM Program in our Enterprise Security Architecture team. The IAM Architect will work with business units to guide them in implementing the correct solutions for their needs while adhering to Visa standards and best practices. The IAM Architect will also work with multiple parts of Global Information Security as well as other organizations to define and evaluate policies, standards and solutions for enterprise and business use.Regular telecommuting is not an option. Occasional travel to Foster City will be required.This position focuses primarily (80%+) on system and infrastructure IAM for internal staff, not web and not customers.A minimum of 10 years' experience as an architect working on system and infrastructure IAM is mandatory. Technical exams will be administered.Candidates must be experienced (at least 10 years) with designing, implementing and optimizing solutions using many of the following technologies and concepts: Active Directory (Must be familiar with forest and domain design, trusts, directory structure, GPO, security best practices, etc.) Other Directories (LDAP & X500) Web Access Management using standard solutions such as CA SSO/SiteMinder, Oracle Access Manager, ForgeRock, etc. Single Sign-on and Federation using standard protocols and frameworks such as Kerberos, SPNEGO, SAML 2.0, ADFS, OpenID Connect, etc. Privileged Access Management using solutions such as CA PAM/Xceedium Gatekeeper, BeyondTrust PowerBroker, Dell Privilege Manager, Managed sudo, etc. Two-factor Authentication (Legacy One-Time Password solutions and Certificates on Smart Cards as well as modern Push Authentication) Adaptive Authentication Device Authentication & Profiling Identity Management (requesting, automated provisioning, de-provisioning, reconciliation, certification, etc.) Public and Private Cloud IAM (Familiarity with IDaaS solutions such as Azure AD and Okta as well as securing SaaS) Windows Security Unix and Linux Security (especially privileged command management and AD integration) PKI SSH Key ManagementThe following skills are also required: Solid written and verbal communication Knowledge of formal architecture documentation processes such as UML, MDA, Zachman, TOGAF Effective at presenting information to different audiences at the correct level of detail (ie, from engineering teams to executive management) Capable of working on multiple projects simultaneously Capable of solving complex problems Capable of defining strategic and tactical solutions, and knowing when each applies Deep knowledge of the security aspects of the following operating systems: Windows, MacOS, Linux, UNIX, z/OS, Non-Stop. Experience and/or interest in developing security policies and standardsThe following are all desirable and would be considered assets: Involvement in industry groups related to IAM Ability and interest in staying current on latest IAM and security standards, solutions and best practices Familiarity with modern deployment constructs such as containers (Docker, Mesos, etc.) - provided by Dice ACTIVE DIRECTORY, ADFS, AZURE, CLOUD, DOCKER, IDENTITY MANAGEMENT, INFORMATION SECURITY, KERBEROS, LDAP, LINUX, ORACLE, SAAS, SAML, UML, UNIX, WINDOWS