Job offer
Team Lead, Web Entry Solutions
The job posting describes a position as Team Lead for Web Entry Solutions at Julius Baer, in which the candidate will assume strategic and operational responsibility for the web security infrastructure and lead a global team. The ideal candidate has extensive experience in web application security, WAF and API security architectures, as well as experience leading international teams.
Tasks
As Team Lead for Web Entry Solutions, you will be responsible for the strategic and operational management of our central web entry security infrastructure and its ongoing development. Your responsibilities will include:- Stable operation and strategic development of core IT security infrastructures in the web entry sector
- Design, implementation, and continuous optimization of web application firewalls and API security architectures
- Operation, configuration, and further development of security features such as malware protection and Core Rule Sets (CRS)
- Design, implementation, and operation of Global Single Sign-On (GSSO) solutions based on SAML 2.0 and OpenID Connect (OIDC)
- Comprehensive protection against all OWASP Top 10 vulnerability categories at the infrastructure and application levels
- Operation and further development of load-balancing solutions and multi-layered DDoS protection mechanisms
- Monitoring and analysis of HTTP(S) traffic for anomalies, attack patterns, and policy violations
Security Governance, Assessments & Projects
Your responsibilities will also include:- Security assessments, vulnerability management, and baseline compliance via the web-based entry platforms
- Analysis and prioritization of findings from penetration tests, DAST scans, and bug bounty programs
- Management and implementation of complex security projects with a strategic view of the overall IT security landscape
- Analysis and Management of Security Incidents and Coordination of Incident Response
- Development and maintenance of security policies, WAF guidelines, technical documentation, and operating procedures
Leadership & Advisory
As a Team Lead, you will also be responsible for:- Disciplinary and functional leadership of a globally distributed team in Switzerland and Singapore
- Acquiring and supporting business units on security issues
- Actively supporting new security initiatives and identifying vulnerabilities
Requirements
The following requirements apply to this position:- A university degree (BSc / BSc (Hons) / CSc (Hons)) or higher in computer science, information security, or a comparable technical discipline
- In-depth, proven knowledge of the OWASP Top 10 vulnerability categories
- Extensive hands-on experience in the configuration, operation, and optimization of web application firewalls (WAFs)
- Solid knowledge of web application architectures, the HTTP(S) protocol, REST APIs, reverse proxy concepts, TLS 1.5/mTLS, Content Security Policy (CSP), CORS, and HTTP security headers (HSTS, X-Frame-Options, etc.)
- Proven practical experience with the Nexus Identity Suite or comparable enterprise solutions
- Knowledge of security-focused API protection: API gateways, OAuth 2.0 token validation, rate limiting, mutual authentication
- Experience in handling penetration test results and security-focused code reviews in a web application context
- Proven expertise in networking and applications
Job details