Web Application Security Engineer

At Julius Baer, we celebrate and value the individual qualities you bring, enabling you to be impactful, to be entrepreneurial, to be empowered, and to create value beyond wealth. Let's shape the future of wealth management together.

Julius Baer Group Ltd. acts in the sector Private Banking and is present in over 25 countries and around 60 locations. With the Headquartered in Zurich, we have offices in key locations including Bangkok, Dubai, Dublin, Frankfurt, Geneva, Hong Kong, London, Luxembourg, Madrid, Mexico City, Milan, Monaco, Mumbai, Santiago de Chile, São Paulo, Shanghai, Singapore, Tel Aviv and Tokyo. Join our global team and play a critical role in safeguarding our digital landscape as a Senior Web Application Security Engineer with focus on Client Identity and Access Management as well as Web Application Firewall. We're seeking a skilled expert to maintain and enhance the protection of our online platforms, ensuring the highest level of security for our clients worldwide.

Main Job Responsibilities

• Work closely with our global team of engineers to ensure the smooth operation and maintenance of the Client Identity and Access Management Platfrom (CIAM) as well as the Web Application Firewall (WAF) infrastructure
• Develop and enhance authentication flows by utilizing modern authentication protocols to deliver a seamless desktop and mobile login experience for bank clients
• Develop and maintain high-quality and secure codebases for multiple Single-Page Applications (SPAs), focusing on delivering seamless and efficient login experiences for clients
• Collaborate with various stakeholders globally to onboard new client-facing web applications to the global CIAM platform
• Review new or changed requirements and assess their feasibility as well as their impact on the surrounding systems, standards and guidelines
• Troubleshoot issues as part of the 2nd and 3rd level support organization and take part in the on-call duty rotation
• Enhance the automation and scalability of the WAF and CIAM infrastructure
• Continuously improve the overall service reliability, security, performance and monitoring of the WAF / CIAM infrastructure
• Continuously improve the service reliability, security, performance, monitoring, and automation of the WAF / CIAM infrastructure, with a focus on enhancing overall system availability and efficiency

Client Management (internal & external)

• Various IT functions, both regionally and globally
• Local Legal and Compliance functions

Business Management

• Key local stakeholders include IT Service Owners, IT Infrastructure, IT Application Managers, IT Architecture and Project Managers
• CRO functions – including Business Operational Risk, Information Security and Compliance functions
• Global functions – IT Security Solutions, Security Architecture
• Establish strong relationship with key stakeholders and across the internal IT

Regulatory Responsibilities &/OR Risk Management

• Ensure appropriate ethical and compliant behaviour within the area of responsibility by clear demonstration of appropriate values and behaviours including but not limited to standards on honesty and integrity, due care and diligence, fair dealing (treating customers fairly), management of conflicts of interest, competence and continuous development, adequate risk management, and compliance with applicable laws and regulations

RANK APPLICABLE TO THE POSITION

• Rank: AD

Professional and Technical

• Minimum 4 years of experience in designing, implementing, and managing Web Application Firewall (WAF) and reverse proxy solutions, including products such as F5, Imperva, Nevis, Cloudflare, or open-source alternatives like ModSecurity
• Proven experience in designing and implementing authentication and federation mechanisms, including SAML, OAuth, OIDC, and FIDO, with a strong understanding of identity and access management principles
• Hands-on operational experience with highly available and scalable web infrastructure
• Profound understanding of security best practices of web applications and APIs
• Solid understanding of web communication protocols such as HTTP, TLS, Websocket, etc.
• Experience in software engineering (Java, Spring Boot, React, Typescript) and operational experience with Kubernetes-based environments
• Strong troubleshooting and structured problem-solving skills
• Proficient in log analytics and correlation, with hands-on experience in Splunk, Elastic or similar toolings, to detect anomalies and investigate incidents and identify root causes
• Good technical foundation of Linux operating systems and its command line tools
• Relevant academic background (e.g., Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field) or industry-recognized certifications (e.g. CISSP, CEH) with relevant practical knowledge

Personal and Social

• Team player, strong collaborator with the willingness to take ownership
• Excellent English language skills, with ability to communicate clearly to diverse audiences, including technical teams and business stakeholders
• Methodical and results-driven approach to new challenges and tasks
• Ability to thrive in a globally distributed team environment
• Strong desire to learn and develop new skills
• Independent and self-driven

Regulatory

• Good understanding of the technology regulatory framework in Singapore and Hong Kong

We are looking forward to receiving your full job application through our online application tool.