Web Security DEV Engineer
Posted on Jun 5, 2020 by Church International Ltd.
Web Security DEV Engineer - Please note; x3 days are required in Belgium + x2 days in UK/remote
Our customer is seeking to strengthen the Security team who support the integration layer between operating systems and business applications within distributed environments for Web information exchange solutions.
As a member of the squad you will be responsible for supporting the team which;
- Focuses on the integration of web applications in the Web Infrastructure, for the Intranet as well as for the DMZ.
- Deploy and maintain a consistent and complex Web site infrastructure
- Help to identify, recommend, and prioritize new Web features in conjunction with application developers and architects.
- Ability to challenge new and existing solutions, architectures and defend it towards the interest of the bank (maintenance, costs, security,)
- Identify reusable components required for Web Security and ensure the high quality of the service.
- Share knowledge with colleagues on technology subjects, solutions, best practices on vendor specific and also on generic security components
- Establish and document installations, guidelines, policies and procedures for relevant stakeholders.
- Assist architects in order to perform cost-benefit analyses of proposed Web implementations, enhancements, and modifications.
- Active participation in production support (incident, problem and change management) for the Web Security squad.
- Set and enforce compatibility and inter-operability standards that ensure site accessibility for all users.
- Extensive experience in Web Security
- Demonstrable professional experience, some in development
- Solid and proven experience with following Web technologies; ISAM (from V9) and TAMeB
- Good and proven knowledge on: Web access management, Web authentication practices, SSL/TLS (and mutual auth.), SSO, Identity Federation, PKI, certificates, OpenID Connect, OAuth 2.0, SAML 2.0, External Authentication Interface on WebSEAL
- Good knowledge on: XML/XSLT
- Generic knowledge on: firewalls, application firewalls, load balancers, networks, DMZ, network security, anti-virus
- Knowledge in web and application Servers including Apache and WebSphere,
- Experience with support on e-Commerce, Intranet and Extranet development
- Experience with ISAM AAC and Federation modules is a big asset
- Security Token Service (STS) and/or TFIM experience + SOAP and WS-Trust knowledge
- Recent successful proven experience in similar/comparable scope
- Strong experience in security of Web Infrastructure in financial services
- Basic Shell Scripting (automation of curl commands ie)
- Familiar with DevOps methodologies and container technologies such as Docker
- Familiar with an agile environment
Applicants must be eligible to live and work in the specified location.