Security Engineer – Senior

Security Engineer – Senior
Freelance
Brussels
Posted 2 years ago
Web security infra engineer – WSA – ISAM/Automation/DEV
Duration 12 months (extendable)
Location Brussels
Context The Web security squads within IT Middleware Services Tribe will work together with the existing Web Infrastructure Tooling &  Hosting, Web Design and Secure Gateways squads for the technical design, installation, set-up, industrialization, management, support and documentation of our client’s Web Security Infrastructure

Our client needs Web Security Engineers to enforce the Web Security and Authentication squad.
Function description The mission has different aspects, where we need someone with focus on web/sysadmin with an interest in development aspects or someone with focus on development with an interest in infrastructure aspects:

  • Design, deliver and support the integration layer between operating systems and business applications within distributed environments for Web and mobile applications.
  • Focuses on the integration of web applications in the Web Infrastructure, for the intranet as well as for the internet (DMZ) and cloud applications.
  • Deploy and maintain a consistent and complex Web site infrastructure
  • Help to identify, recommend, and prioritize new platform features in conjunction with application developers and architects.
  • Ability to challenge new and existing solutions, architectures and defend it towards the interest of the bank (maintenance, costs, security,…)
  • Identify reusable components required for Web Security and ensure the high quality of the service
  • Share knowledge with colleagues on technology subjects, solutions, best practices on vendor specific and also on generic security components
  • Establish and document installations, guidelines, policies and procedures for relevant stakeholders, including the squad.
  • Active participation in production support (incident, problem and change management) for the Web Security squad. Support other squad in non-prod, providing guidelines, troubleshooting
  • Set and enforce compatibility and interoperability standards that ensure site accessibility for all users.
  • Monitor and report on Web site traffic and performance.
  • Contribute to the evolution of our automation framework
  • Participate in the On-Call calendar (7/7 from 18:00 – 7:30)
  • Work on-site  (2-3 days)

 

Education Master or equivalent by experience with at least 3 years’ strong experience in a similar function: WEB Security infrastructure in banking sector
Certification N/A 
Languages
requirement		 French Is a plus
Dutch Is a plus
English Working proficiency oral and written
Required knowledge / Experience
Experience
  • At least 2 years of experience with ISAM/ISVA or similar
  • At least 3 years of experience in Web Security  
  • A professional experience of at least 5 years, some in development.
Technical experience Mandatory
  • Proven experience with reverse proxies, Webseal, ISAM or similar
  • Good and proven knowledge on:  Web access management,  Web authentication practices, SSL/TLS( and mutual auth.), SSO, Identity Federation,  PKI, certificates, OpenID Connect, OAuth 2.0, SAML 2.0
  • Good knowledge on: XML/XSLT
  • Good practical knowledge of automation frameworks like eg Ansible (tower) and GIT integration
  • Practical experience with DevOps methodologies and container technologies such as Docker
  • Generic knowledge on: firewalls, web application firewalls, load balancers, networks, DMZ, network security
  • Experience with support on intranet and extranet development
Preferable
  • Proven experience with following Web technologies: ISAM / ISVA (as from version 9 and modules: AAC, Infomap, Federation)
  • Security Token Service (STS) and/or TFIM experience + SOAP and WS-Trust knowledge. Token exchange knowledge
  • Recent successful proven experience in similar/comparable scope
  • Good coding experience: Python; Javascript server side (Rhino JS) are example of used languages & Ability to understand and translate existing code source
  • Strong experience in security of Web Infrastructure in larger organizations
  • Good experience in Shell scripting (automation of curl commands i.e)
  • Knowledge in web and application servers including Apache and Websphere
  • Familiar with an agile environment
Business experience Mandatory
  • High awareness to risks related to the financial sector
  • Follows the defined processes for projects, incident and change management with high attention to business and financial impact
  • Experience with working in a complex organization.
  • Being autonomous and team worker, analytical minded, meet commitment, ability to work in a dynamic and multi-cultural environment, flexible, customer-oriented
  • Ability to work in a fast-paced, agile environment and flexibility to accommodate demanding sprint schedules
Preferable
  • Able to understand bank related business processes and assess impacts on business
  • Agile methodology
  • DevOps
  • ITIL
Soft skills
  • Demonstrated team player with strong and effective customer care skills.
  • Quick self-starter, pro-active and innovative attitude.
  • Open minded and show flexibility in self-learning new technologies/tools.
  • Good analytical and synthesis skills.
  • Process-oriented with high attention to detail.
  • Effective oral and written communicator to both management and technical staff
  • Autonomy, commitment and perseverance.
  • Ability to work in a dynamic and multicultural environment.
  • Flexibility (in peak periods extra efforts may be required).
  • Stress resistant

Apply For This Job

A valid email address is required.
A valid phone number is required.
Comments 0
error: Content is protected !!