DevSecOps Web Application Security 80%-100%

Julius Baer
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English, German
Experience level
Intermediate

Job location

Tech stack

Java
API
Application Firewall
User Authentication
Authentication Protocols
Command-Line Interface
Linux
DNS
Hypertext Transfer Protocols (HTTP)
Identity and Access Management
Internet Protocol
OAuth
Open Source Technology
OpenID
Security Assertion Markup Language (SAML)
Web Application Security
Software Engineering
Transmission Control Protocol (TCP)
TypeScript
Web Applications
Transport Layer Security
React
Spring-boot
Customer Identity Access Management
Cloudflare
Devsecops

Job description

Develop and enhance authentication flows by utilizing modern authentication protocols in order to provide a seamless desktop and mobile login experience for bank clients

Operate the existing Web Application Firewall (WAF) and Client Identity and Access Management Solution (CIAM) infrastructure together with our team of IAM and WAF engineers

Collaborate with various stakeholders globally to onboard new web applications to the global CIAM platform

Review new or changed requirements and assess their feasibility as well as their impact on the surrounding systems, standards and guidelines

Troubleshoot issues as part of the 2nd and 3rd level support organization and take part in the on-call duty rotation

Enhance the automation and scalability of the WAF and CIAM infrastructure

Continuously improve the overall service reliability, security, performance and monitoring of the WAF / CIAM infrastructure

Requirements

Four or more years of experience with operating Identity and Access Management or Web Application Firewall solutions such as Nevis, F5, Airlock, Cloudflare or open-source alternatives such as ModSecurity

Alternatively five or more years in software development (Java, Spring Boot, React, Typescript)

Profound understanding of security best practices of web applications and APIs

Proven experience with implementation of authentication and federation mechanisms such as SAML, OAuth, OIDC and FIDO

Solid foundation in networking fundamentals with advanced understanding of internet protocol suite (TCP, DNS, HTTP, TLS, etc.)

Strong troubleshooting and structured problem-solving skills

Good understanding of Linux operating systems and its command line tools

Experience with containerization technologies and automation capabilities is of advantage

Team player, strong collaborator with the ability to take ownership

Excellent organizational and communication skills, well-structured and reliable

Willingness and ability to learn new skills

Fluent in spoken and written German and English language

Higher professional education (Swiss Federal Diploma or higher education) or comparable certification (CISSP) with relevant practical knowledge is desired

About the company

At Julius Baer, we celebrate and value the individual qualities you bring, enabling you to be impactful, to be entrepreneurial, to be empowered, and to create value beyond wealth. Let's shape the future of wealth management together. We are seeking a passionate Web Application Security Developer / Engineer who thrives on developing a secure, high-performing and scalable login platform for our clients. In this role, you will design, maintain and continuously improve authentication flows and enhance the protection across our online platforms, ensuring the highest level of security for our clients worldwide. Join our global DevSecOps team and play a critical role in safeguarding our digital landscape.

Apply for this position