Web Application Security Engineer (CIAM & WAF) APAC

Job description

Tasks

• Work closely with the global team of engineers to ensure the smooth operation and maintenance of the Client IAM (Identity and Access Management Platform) (CIAM) and Web Application Firewall (WAF) infrastructure
• Develop and improve authentication flows by utilizing modern authentication protocols to provide a seamless desktop and mobile login experience for bank customers
• Design and maintain a highly available and secure codebase for multiple single-page applications (SPAs), with a focus on delivering seamless and efficient login experiences for customers
• Collaboration with various stakeholders worldwide to upload new client-side web applications to the global CIAM platform
• Reviewing new or changed requirements and assessing their feasibility and their impact on surrounding systems, standards and guidelines
• Troubleshooting as part of the 2nd and 3rd level support organization and participation in the on-call service rotation
• Improving the automation and scalability of the WAF and CIAM infrastructure
• Continuous improvement of overall service reliability, security, performance and monitoring of WAF / CIAM infrastructure

Requirements

Professional and technical

• At least 4 years of experience in designing, implementing and managing web application firewall (WAF) and reverse proxy solutions, including products such as F5, Imperva, Nexus, Cloudflare or open source alternatives such as Security Onion
• Proven experience in the design and implementation of authentication and federation mechanisms, including SAML, OIDC, OAuth and FIDO, with a deep understanding of identity and access management principles
• Practical experience with highly available and scalable web infrastructure
• Solid understanding of security best practices for web applications and APIs
• Solid understanding of web communication protocols such as HTTP/TLS, WebSocket etc.
• Experience in software development (Java, Spring, Boot, React, Typescript) and operational experience with Kubernetes-based environments
• Strong troubleshooting and problem solving skills
• Solid knowledge of Unix operating systems and command line tools
• Relevant academic background (e.g. Bachelor's or Master's degree in computer science, cybersecurity or related field) or industry-recognized certifications (e.g. CISSP, CEH) with relevant practical knowledge

Personal and social

• Team player, strong collaborator with a willingness to take on responsibility
• Excellent English language skills, with the ability to communicate clearly and concisely with various audiences, including technical teams and business partners
• Methodical and results-oriented approach to new challenges and tasks
• Ability to thrive in a globally distributed team environment
• Strong desire to learn and develop new skills
• Independent and self-motivated