As a Data Scientist on Visa’s Global Business‑to‑Business Identity & Access Management (B2B IAM) team, you will turn authentication, authorization, and directory telemetry into actionable insight. You’ll help build baseline models and analyses for anomaly detection, user/entity behavior analytics (UEBA), and risk‑based access that strengthen MFA journeys and session controls while improving user experience. In partnership with IAM Engineering and Release Engineering, you’ll take work from notebooks to production on ForgeRock‑centric platforms using CI/CD, containerization, and monitoring. You will also explore agentic AI approaches—safe, human‑in‑the‑loop automations that can propose experiments, generate features, triage anomalies, and suggest policy or journey adjustments (e.g., automating onboardings), with audit trails and guardrails. Your contributions will support service reliability and SLA/availability targets and will follow privacy‑by‑design practices aligned to GDPR, PCI DSS, and other audits.
· Ingest and prepare IAM telemetry (ForgeRock AM/DS, SAML/OIDC/OAuth events, MFA, sessions, directory logs) for analysis and modeling.
· Build and evaluate baseline models for anomaly detection, UEBA, and risk scoring, track clear metrics (precision/recall, ROC‑AUC/PR‑AUC).
· Run focused EDA and A/B tests to tune adaptive journeys and MFA step‑ups for both security and user experience.
· Engineer features and keep work reproducible (clean notebooks, versioned datasets, lightweight data docs).
· Package analyses/models for production (Docker and VM’s) and contribute to CI/CD and safe rollouts (e.g., canary) with Release Engineering covering the entire scope of release and dependent functions to execute with PRE teams.
· Set up basic monitoring for data/model quality, drift, and errors, create simple dashboards/alerts.
· Partner with IAM engineers to turn insights into policy/rule changes (risk‑based access, session controls) and validate impact on SLO/SLA.
· Explore agentic AI (human‑in‑the‑loop) to propose experiments, generate features, and triage anomalies—within audit and safety guardrails.
· Apply privacy‑ and security‑by‑design (minimize personal data, pseudonymize) aligned to GDPR, PCI DSS, and other audits.
· Document findings clearly and communicate results to technical and non‑technical stakeholders.
This is a hybrid position. Expectation of days in office will be confirmed by your Hiring Manager.
Basic Qualifications
• 2+ years of relevant work experience and a Bachelors degree, OR 5+ years of relevant work experience
Hands-on with:
• Python for data science (pandas, NumPy, scikit-learn) and SQL for data preparation and analysis.
• Exploratory Data Analysis (EDA), basic supervised learning (logistic/trees), simple anomaly detection, model evaluation (precision/recall, ROC-AUC/PR-AUC).
• Preparing IAM-style telemetry (e.g., authentication/authorization, MFA, session, directory logs) for analysis and feature engineering.
• Building clear dashboards/visualizations (e.g., in Splunk, Elastic/Kibana, or Grafana).
• Exposure to:
• Identity and access management concepts: SAML 2.0, OpenID Connect, OAuth 2.0, MFA modalities, high-level session management, willingness to learn ForgeRock AM/DS telemetry.
• MLOps and release engineering basics: Git and pull requests, CI/CD concepts, Docker fundamentals, and safe rollout patterns (e.g., canary) under guidance.
• Monitoring for data/model quality (drift, latency, errors) and creating simple alerts.
• Ways of working:
• Experience collaborating with cross-functional, globally distributed teams.
• Working knowledge of Agile/Scrum, familiarity with issue tracking and release workflows in Jira.
• Excellent verbal and written communication, ability to explain findings simply to non-technical stakeholders.
• Security and compliance mindset:
• Awareness of privacy- and security-by-design principles (data minimization, pseudonymization, access control) and why GDPR, PCI DSS, and ISO/IEC 27001 matter to data work.
Preferred Qualifications
• 3 or more years of work experience with a Bachelor’s Degree or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD).
• 1–3 years (including internships/research) applying Python/SQL to real datasets, solid statistics foundation (hypothesis testing, confidence intervals, power).
• Experience with IAM adjacent data or security analytics (authentication, authorization, MFA, directory/LDAP, WAF or app/server logs).
• Familiarity with experimentation and evaluation: A/B testing, metric design, and trade offs between security and UX.
• Exposure to MLOps and release engineering: Docker basics, CI/CD (e.g., GitHub Actions/GitLab CI/Jenkins), model registry/experiment tracking, and safe rollout patterns (canary/blue green).
• Platform/data skills nice to have: Spark/PySpark or Databricks, basic Kafka or streaming concepts, dashboards in Splunk, Elastic/Kibana, or Grafana.
• Scripting beyond notebooks: reusable modules, unit tests, and simple automation, basic Linux shell comfort.
• Agentic AI interest/experience: using safe, human in the loop assistants to automate repetitive tasks (log triage, feature suggestions, experiment proposals) with audit trails.
• Familiarity with IAM standards and tokens: SAML 2.0, OpenID Connect, OAuth 2.0, JWT, awareness of ForgeRock AM/DS telemetry is a plus.
• Understanding of incident/change/problem management concepts and how data science work fits into release processes.
• Awareness of security and privacy frameworks relevant to data work (GDPR, PCI DSS, ISO/IEC 27001) and privacy by design practices.
