Specialist - Secure Web Defence
Standard Chartered Bank
Bangalore, India, Asia
5d ago

The Role Responsibilities


  • Work with Security Automation and tools around it, including but not limited to AWS Lambda, RunDeck, Jenkins, Terraform, Ansible, etc
  • Manage security program development, security architecture, security tools and technology
  • Well versed in OWASP API Top 10 Security Threats and API security best practices
  • In depth knowledge and technical expertise on REST API and SOAP Security
  • Familiar with the use of API security tools not limited to (Postman, Swagger and JMeter)
  • Steer the shaping and delivering of cutting-edge service offerings using industry-leading tools
  • Lead hands-on implementation processes across multiple leading-edge technologies
  • Perform security design reviews with development and product teams
  • Create and foster a security culture in cloud operations and development
  • Test and evaluate 3rd party security technologies and tools
  • Define and implement security monitoring and response procedures
  • Produce and present security reports and roadmaps for management
  • Regularly assist team members with maintenance, tuning, and implementation of Web Application Firewall, Content Delivery Network & other application layer security configurations as needed.
  • Understand project approach to technical deployments for critical cyber security services including Infra DDoS Protection, Application Layer Security, TLS / SSL Certificates, Web Resilience & DNS Protection.
  • To work effectively under pressure to prioritize project and BAU tasks per need / criticality.
  • Participate in the Security Audits and Assessments.
  • To quickly grasp the network design, application / infrastructure security concepts, techniques, technologies, and tools
  • Should be able to adjust and work with diverse skilled team members.
  • Provide contributions as assigned to any / all departmental projects, as assigned by management.
  • Creation and regular maintenance of client impacting security issues & administrative / maintenance tasks.
  • Participate in planning and coordinating installations, upgrade, migration and configuration.
  • To contribute developing and maintaining optimal network performance, enforcing security measures and establishing good working relationship with the senior management and clients in order to facilitate a long-term technological direction and vision.
  • Take part in red-team and offensive security exercises where applicable
  • Support and deliver upon assigned security projects
  • Architect, deploy and maintain proactive security tools including, but not limited to : Web Application Firewalls, DDoS Protection, Bot Mitigation (web applications), API Protection and custom tools
  • Participate in Security Incident On-call rotation
  • Processes

  • Responsible to deliver the Banks Secure Web Defence Service
  • Regulatory & Business Conduct

  • Display exemplary conduct and live by the Group’s Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank.
  • This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.

    Key Stakeholders

  • Technology Services End User Services; Core Infra Services Networks; Second Line and Third Line of Defence
  • Other Responsibilities

  • Documents solution requirements given business and technical objectives
  • Defines, creates, and maintains WAF, CDN and DDoS Configurations.
  • Understands various proxy authentication methods with relation to a domain environment
  • Serves as a primary responder as part of Major Incident Management taking ownership on resuming services.
  • Perform root cause analysis and troubleshooting effort for production deployment
  • Functions as a liaison between the Bank and Vendor Technical Support teams as part of Incident and Problem Management
  • Competent in reporting issues, anomalies and problems through proper channels (i.e., Incident, Problem Management from technical support)
  • Able to analyse Packet capture (Wireshark, tcp dump) to identify the Network level issues
  • Performs other duties relevant to deployment and security operations as assigned
  • Our Ideal Candidate

  • Bachelor’s Degree in Computer Science, IT / Information Systems.
  • Overall 4 years of combined IT and Info Security work experience with a broad range of exposure to Information Security Systems
  • 3+ Years' experience in Network Security related technologies (Web Application Firewalls, Bot Protection, API Protection, DNS Security, DDoS Protection, etc)
  • 1+ Years' experience in log correlation SIEM solutions like Splunk
  • Experience with Security Automation and tools around it
  • Visit our careers website

    Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form