Specialist - Secure Web Defence
Standard Chartered Bank
Bangalore, India, Asia
5d ago

The Role Responsibilities

Strategy

  • Work with Security Automation and tools around it, including but not limited to AWS Lambda, RunDeck, Jenkins, Terraform, Ansible, etc
  • Manage security program development, security architecture, security tools and technology
  • Well versed in OWASP API Top 10 Security Threats and API security best practices
  • In depth knowledge and technical expertise on REST API and SOAP Security
  • Familiar with the use of API security tools not limited to (Postman, Swagger and JMeter)
  • Steer the shaping and delivering of cutting-edge service offerings using industry-leading tools
  • Lead hands-on implementation processes across multiple leading-edge technologies
  • Perform security design reviews with development and product teams
  • Create and foster a security culture in cloud operations and development
  • Test and evaluate 3rd party security technologies and tools
  • Define and implement security monitoring and response procedures
  • Produce and present security reports and roadmaps for management
  • Regularly assist team members with maintenance, tuning, and implementation of Web Application Firewall, Content Delivery Network & other application layer security configurations as needed.
  • Understand project approach to technical deployments for critical cyber security services including Infra DDoS Protection, Application Layer Security, TLS / SSL Certificates, Web Resilience & DNS Protection.
  • To work effectively under pressure to prioritize project and BAU tasks per need / criticality.
  • Participate in the Security Audits and Assessments.
  • To quickly grasp the network design, application / infrastructure security concepts, techniques, technologies, and tools
  • Should be able to adjust and work with diverse skilled team members.
  • Provide contributions as assigned to any / all departmental projects, as assigned by management.
  • Creation and regular maintenance of client impacting security issues & administrative / maintenance tasks.
  • Participate in planning and coordinating installations, upgrade, migration and configuration.
  • To contribute developing and maintaining optimal network performance, enforcing security measures and establishing good working relationship with the senior management and clients in order to facilitate a long-term technological direction and vision.
  • Take part in red-team and offensive security exercises where applicable
  • Support and deliver upon assigned security projects
  • Architect, deploy and maintain proactive security tools including, but not limited to : Web Application Firewalls, DDoS Protection, Bot Mitigation (web applications), API Protection and custom tools
  • Participate in Security Incident On-call rotation
  • Processes

  • Responsible to deliver the Banks Secure Web Defence Service
  • Regulatory & Business Conduct

  • Display exemplary conduct and live by the Group’s Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank.
  • This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.

    Key Stakeholders

  • Technology Services End User Services; Core Infra Services Networks; Second Line and Third Line of Defence
  • Other Responsibilities

  • Documents solution requirements given business and technical objectives
  • Defines, creates, and maintains WAF, CDN and DDoS Configurations.
  • Understands various proxy authentication methods with relation to a domain environment
  • Serves as a primary responder as part of Major Incident Management taking ownership on resuming services.
  • Perform root cause analysis and troubleshooting effort for production deployment
  • Functions as a liaison between the Bank and Vendor Technical Support teams as part of Incident and Problem Management
  • Competent in reporting issues, anomalies and problems through proper channels (i.e., Incident, Problem Management from technical support)
  • Able to analyse Packet capture (Wireshark, tcp dump) to identify the Network level issues
  • Performs other duties relevant to deployment and security operations as assigned
  • Our Ideal Candidate

  • Bachelor’s Degree in Computer Science, IT / Information Systems.
  • Overall 4 years of combined IT and Info Security work experience with a broad range of exposure to Information Security Systems
  • 3+ Years' experience in Network Security related technologies (Web Application Firewalls, Bot Protection, API Protection, DNS Security, DDoS Protection, etc)
  • 1+ Years' experience in log correlation SIEM solutions like Splunk
  • Experience with Security Automation and tools around it
  • Visit our careers website

    Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form