Web & DDoS Protection Specialist
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
The Role Responsibilities Job Purpose:
- Network Security Services - Web & DDoS Protection Service
Qualifications & Experience:
- Regularly assist team members with maintenance, tuning, and implementation of Web Application Firewall, Content Delivery Network & other application layer security configurations as needed.
- Understand project approach to technical deployments for critical cyber security services including Infra DDoS Protection, Application Layer Security, TLS/SSL Certificates, Web Resilience & DNS Protection.
- To work effectively under pressure to prioritize project and BAU tasks per need/criticality.
- Participate in the Security Audits and Assessments.
- To quickly grasp the network design, application/infrastructure security concepts, techniques, technologies, and tools
- Should be able to adjust and work with diverse skilled team members.
- Provide contributions as assigned to any/all departmental projects, as assigned by management.
- Creation and regular maintenance of client impacting security issues & administrative/maintenance tasks.
- Participate in planning and coordinating installations, upgrade, migration and configuration.
- To contribute developing and maintaining optimal network performance, enforcing security measures and establishing good working relationship with the senior management and clients in order to facilitate a long term technological direction and vision.
- Years of Experience: 5 - 10 years
Optional (Good to have):
- Extensive experience & expertise in WAF Implementation and Administration (AWS/Imperva /Akamai/Cloudflare).
- Understanding of Content Distribution Network and relevant configurations.
- Experience gathering and analysing data to create useful metrics that support positive change
- Proficient with OWASP Top 10 and WASC-TC (Web Application Security Consortium)
- Proficiency in configuring WAF rules
- Well Versed with Threat modelling, basics of code development (Java/ASP/PHP) and basics of scripting (Java/ASP/Python), also basic knowledge of RESTFUL API and programming approach is good to have.
- Experienced security design and providing consultancy in conjunction with security management.
- Excellent analytical and problem-solving skills to drive process improvement
- Excellent communicator, whether writing, speaking or presenting
- Demonstrated ability to effectively manage change and conflict
- Possess in depth knowledge of security, implementing security solutions and working closely with global customer accounts.
- Experience in middleware, proxies
- Possess excellent communication, analytical and troubleshooting skills with proven ability to anticipate problems and recommend solutions.
- Good at managing security crises/Incidents;
- Ability to collaborate with cross-functional teams
- Must be a dependable team player with strong business acuity, enthusiasm, and a positive attitude
- Possess an impeccable work ethic and a high degree of integrity
- Experience in handling Appsec tools like Burp, Webscarab
- Experienced in Vulnerability Assessment and Penetration Testing.
- Experienced in Risk Assessment and Security Controls implementation.
- Knowledge of Operating Data Analysis tools like Splunk, RSA Envision etc.,
Apply now to join the Bank for those with big career ambitions.