Web Application Security Engineer (CIAM & WAF) APAC

Job description

Tasks

• Work closely with the global team of engineers to ensure the smooth operation and maintenance of the Client Identity and Access Management Platform (CIAM) and Web Application Firewall (WAF) infrastructure
• Develop and improve authentication flows by utilizing modern authentication protocols to provide a seamless desktop and mobile login experience for bank customers
• Design and maintain a highly available and secure code base for single-page applications (SPAs), with a focus on delivering seamless and efficient login experiences for customers
• Collaboration with various stakeholders worldwide to upload new client-side web applications to the global CIAM platform
• Reviewing new or changed requirements and assessing their feasibility and their impact on surrounding systems, standards and guidelines
• Troubleshooting as part of the 2nd and 3rd level support organization and participation in the on-call service rotation
• Improving the automation and scalability of the WAF and CIAM infrastructure
• Continuous improvement of overall service reliability, security, performance and monitoring of the WAF/CIAM infrastructure

Requirements

Professional and technical

• At least 4 years of experience in designing, implementing and managing web application firewall (WAF) and reverse proxy solutions, including products such as F5, Imperva, Nexus, Cloudflare or open source alternatives such as Security
• Proven experience in the design and implementation of authentication and federation mechanisms, including SAML, OAuth, OIDC and FIDO, with a deep understanding of identity and access management principles
• Hands-on experience with highly available and scalable web infrastructure
• Deep understanding of security best practices for web applications and APIs
• Solid understanding of web security protocols such as HTTP/HTTPS, WebSocket etc.
• Experience in software development (Java, Swift, Python, React, Typescript) and operational experience with Kubernetes-based environments
• Strong troubleshooting and problem solving skills
• Proficient in log analysis and correlation, with hands-on experience in Splunk, ELK or similar tools to detect anomalies and investigate incidents and identify root causes
• Good technical foundation in Unix operating systems and/or command line tools
• Relevant academic background (e.g. Bachelor's or Master's degree in computer science, cybersecurity or related field) or industry-recognized certifications (e.g. CISSP, CEH) with relevant practical knowledge

Personnel and social

• Team player, strong collaborator with a willingness to take on responsibility
• Excellent English language skills, with the ability to communicate clearly with different audiences, including technical teams and business partners
• Methodical and results-oriented approach to new challenges and tasks
• Ability to thrive in a globally distributed team environment
• Strong desire to learn and develop new skills
• Independent and self-driven

We offer