Overview
Web Application Security Engineer 100% (f/m/d) – Julius Baer.
Responsibilities
* Operate the existing Web Application Firewall (WAF) infrastructure together with our team of WAF engineers
* Enhance the security of web applications and APIs by introducing additional protective measures on the WAF
* Integrate new Web Applications and APIs into the WAF infrastructure
* Review new or changed requirements and assess their feasibility as well as their impact on the surrounding systems, standards and guidelines
* Troubleshoot technical issues related to WAF and initiate actions for remediation as part of the 2nd and 3rd level support organization and participate in the on-call duty rotation
* Continuously improve the service reliability, security, performance, monitoring and automation of the WAF infrastructure
Your profile
* Profound understanding of security best practices of web applications and APIs
* Solid understanding of Web Communication Protocols such as HTTP, TLS, Websocket, etc.
* Strong troubleshooting and structured problem solving skills
* Familiarity with the implementation of authentication and federation mechanisms such as SAML, OAuth and OIDC and FIDO
* Good technical foundation of Linux operating systems and its command line tools
* Hands-on experience with operating WAF or reverse-proxy solutions such as Nevis, F5, Airlock, Cloudflare or open-source alternatives such as ModSecurity is a plus
* Experience in software engineering (Java, Spring Boot, React, Typescript) and operational experience with Kubernetes-based environments is a plus
* Team player, strong collaborator with the ability to take ownership
* Willingness and ability to learn new skills
* Fluent in spoken and written German and English
* Higher professional education (Swiss Federal Diploma or higher education) or comparable certification (CISSP) with relevant practical knowledge is desired
Seniority level
* Entry level
Employment type
* Full-time
Job function
* Information Technology
Industries
* Banking
#J-18808-Ljbffr