Salary: Euro 60000 – 80000 Yearly
| Web security infra engineer | |
| Duration | 12 months (extendable) |
| Location | Brussels |
| Context | We are looking for a Web Security Engineer to enforce the Web Security and Authentication within existing Web Infrastructure Tooling & Hosting, Web Design and Secure Gateways squads. |
| Function description | The mission has different aspects, where we need someone with focus on web/sysadmin with an interest in development aspects or someone with focus on development with an interest in infrastructure aspects: Design, deliver and support the integration layer between operating systems and business applications within distributed environments for Web and mobile applications. Focuses on the integration of web applications in the Web Infrastructure, for the intranet as well as for the internet (DMZ) and cloud applications. Deploy and maintain a consistent and complex Web site infrastructure Help to identify, recommend, and prioritize new platform features in conjunction with application developers and architects. Ability to challenge new and existing solutions, architectures and defend it towards the interest of the bank (maintenance, costs, security,…). Identify reusable components required for Web Security and ensure the high quality of the service. Share knowledge with colleagues on technology subjects, solutions, best practices on vendor specific and also on generic security components. Establish and document installations, guidelines, policies and procedures for relevant stakeholders, including the squad. Active participation in production support (incident, problem and change management) for the Web Security squad. Support other squad in non-prod, providing guidelines, troubleshooting. Set and enforce compatibility and interoperability standards that ensure site accessibility for all users. Monitor and report on Web site traffic and performance. Contribute to the evolution of our automation framework. Participate in the On-Call calendar (7/7 from 18:00 – 7:30). Work on-site (2-3 days). |
| Education | Master or equivalent by experience with at least 3 years’ strong experience in a similar function: | |
| Certification | N/A | |
| Languages requirement | French | Is a plus |
| Dutch | Is a plus | |
| English | Working proficiency oral and written | |
| Required knowledge / Experience | ||
| Experience | At least 2 years of experience with ISAM/ISVA or similar At least 3 years of experience in Web Security A professional experience of at least 5 years, some in development. | |
| Technical experience | Mandatory | Proven experience with reverse proxies, Webseal, ISAM ,ISVA or similar. Good and proven knowledge on: Web access management, Web authentication practices, SSL/TLS( and mutual auth.), SSO, Identity Federation, PKI, certificates, OpenID Connect, OAuth 2.0, SAML 2.0. Good knowledge on: XML/XSLT. Good practical knowledge of automation frameworks like eg Ansible (tower) and GIT integration. Practical experience with DevOps methodologies and container technologies such as Docker. Generic knowledge on: firewalls, web application firewalls, load balancers, networks, DMZ, network security. Experience with support on intranet and extranet development. |
| Preferable | Proven experience with following Web technologies: ISAM / ISVA (as from version 9 and modules: AAC, Infomap, Federation). Security Token Service (STS) and/or TFIM experience + SOAP and WS-Trust knowledge. Token exchange knowledge. Recent successful proven experience in similar/comparable scope. Good coding experience: Python; Javascript server side (Rhino JS) are example of used languages & Ability to understand and translate existing code source. Strong experience in security of Web Infrastructure in larger organizations Good experience in Shell scripting (automation of curl commands i.e). Knowledge in web and application servers including Apache and WebsphereFamiliar with an agile environment. | |
| Business experience | Mandatory | High awareness to risks related to the financial sector. Follows the defined processes for projects, incident and change management with high attention to business and financial impact. Experience with working in a complex organization. Being autonomous and team worker, analytical minded, meet commitment, ability to work in a dynamic and multi-cultural environment, flexible, customer-oriented. Ability to work in a fast-paced, agile environment and flexibility to accommodate demanding sprint schedules |
| Preferable | Able to understand bank related business processes and assess impacts on businessAgile methodologyDevOpsITIL | |
| Soft skills | Demonstrated team player with strong and effective customer care skills. Quick self-starter, pro-active and innovative attitude. Open minded and show flexibility in self-learning new technologies/tools. Good analytical and synthesis skills. Process-oriented with high attention to detail. Effective oral and written communicator to both management and technical staff. Autonomy, commitment and perseverance. Ability to work in a dynamic and multicultural environment. Flexibility (in peak periods extra efforts may be required).Stress resistant | |
Job Category: Software Development
Job Type: Full Time
Job Location: Belgium
