Senior Cybersecurity Engineer

We are looking for a Senior Cybersecurity Engineer to join our Identity Engineering team. This role operates at the intersection of security platform engineering and cloud-native architecture helping design build and operate secure identity and authorization foundations that support critical financial workloads at scale.

The engineer will work closely with application engineering platform SRE and external partners to ensure identity services are secure resilient and easy to consume. This is a hands-on role for someone who enjoys building automating and continuously improving security capabilities in modern cloud environments.

Key responsibilities include:

• Designing implementing and operating identity and authorization platforms used across internal and external services
• Defining and evolving authentication and authorization patterns based on OAuth 2.0 OpenID Connect and token-based security
• Supporting and improving API security using API Gateway technologies preferably Kong including authentication flows rate limiting and policy enforcement
• Collaborating with engineering teams to securely integrate identity solutions into APIs and services
• Building and maintaining infrastructure using Infrastructure as Code (Terraform)
• Operating and securing Kubernetes-based workloads and identity-related services
• Contributing to cloud architecture decisions with a strong focus on security resilience and scalability
• Partnering with DevOps and SRE teams to improve observability incident response and operational excellence
• Participating in security reviews threat modeling and architecture design discussions
• Defining best practices documentation and reference architectures for identity and access management
• Continuously learning and staying current with modern identity cloud security and platform engineering practices

This is a remote position. A remote position does not require job duties be performed within proximity of a Visa office location. Remote positions may be required to be present at a Visa office with scheduled notice. #LI-Remote

Qualifications :

Basic Qualifications:

• 6 or more years of work experience with a Bachelors Degree or 4 or more years of relevant experience with an Advanced Degree (e.g. Masters MBA JD MD) or up to 3 years of relevant experience with a PhD
• Strong experience securing API Gateway platforms with deep familiarity in architectures based on Kong Gateway (Enterprise or OSS) including ingress and egress traffic patterns in cloudnative environments.
• Proven expertise in Identity and servicetoservice security including the design enforcement and validation of mTLSbased communication certificate lifecycle management and trust boundaries across distributed systems.
• Handson experience working with Public Key Infrastructure (PKI) concepts and implementations including certificate issuance rotation revocation and integration with gateways and workloads.
• Deep understanding of API security controls implemented at the gateway layer such as OAuth2 OpenID Connect JWT validation client credentials rate limiting traffic filtering and abuse prevention.
• Strong experience securing Kubernetesbased platforms including API Gateway deployments running inside clusters with knowledge of namespaces workload isolation network policies and integration with service mesh when applicable.
• Solid experience reviewing and influencing Infrastructure as Code (IaC) used to provision API Gateways identity components and supporting infrastructure particularly using Terraform and GitOpsstyle workflows.
• Proven ability to perform security assessments threat modeling and architectural reviews for gateway and identity platforms identifying systemic risks misconfigurations and scalability concerns.
• Strong understanding of observability and security monitoring for gateways and identity services including logs metrics and traces used to detect anomalies investigate incidents and support audits.
• Excellent analytical and problemsolving skills with strong attention to detail when operating in hightraffic multienvironment and multiregion platforms.
• Ability to clearly communicate security risks architectural decisions and remediation strategies to engineering teams platform owners and nontechnical stakeholders.
• Demonstrated ability to lead and influence crossfunctional teams including platform engineering SRE and application teams ensuring consistent security baselines across the API and identity ecosystem.

Preferred Qualifications:

• Programming experience is desirable but not required; the role prioritizes security architecture platform design control enforcement and risk management over featurelevel development.

Additional Information :

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race color religion sex national origin sexual orientation gender identity disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Remote Work :

Yes

Employment Type :

Full-time