IT Security Engineer – Internet Proxy, Remote Access
Singapore, Singapore
Full Time
2 weeks ago
No Sponsorship
Key skills
CitrixDNSFirewallsVaultLoad BalancingConfluenceNetwork SecurityZero TrustWAF
About this role
Role Overview
- Play a key role in the design, implementation, and operational governance of Julius Baer’s secure web and remote access infrastructure, ensuring resilient, policy-compliant connectivity for thousands of users across global offices and remote locations.
- Operate and maintain the enterprise Zscaler Internet Access (ZIA) platform.
- Administer and support Citrix NetScaler (now Citrix ADC) as the primary gateway for corporate SSL-VPNs and secure BYOD access to internal applications.
- Support adoption of Zscaler Private Access (ZPA).
- Lead incident resolution for complex disruptions, serving as a Tier 2/Tier 3 escalation point through detailed root cause analysis (RCA), corrective actions, and implementation of preventative controls to strengthen service resilience.
- Ensure full compliance of internet proxy and remote access solutions with Julius Baer’s information security policies, regulatory frameworks, and internal audit requirements, maintaining rigorous control over access entitlements and cryptographic material.
- Maintain authoritative technical documentation in Confluence, covering system architectures, operational procedures, integration specifications, and post-incident reviews to support knowledge sharing and operational continuity.
- Drive continuous service improvement by enhancing system reliability, security posture, performance, observability, and automation, with a clear focus on increasing operational efficiency and reducing manual effort.
- Stay ahead of emerging threats and technological developments in web security, encrypted traffic analysis, and identity-centric access models — recommending strategic upgrades, architectural refinements, and new controls to future-proof the bank’s infrastructure.
Requirements
- Expertise in Zscaler technologies, with hands-on experience in deploying and managing Zscaler Internet Access (ZIA) and Private Access (ZPA).
- Proven operational experience with Citrix NetScaler (Citrix ADC/Gateway) for SSL-VPN and BYOD access.
- Solid understanding of secure web gateways, proxy architectures, zero trust principles, and remote access security models.
- Understanding of network security fundamentals: firewalls, load balancing, WAF concepts, TLS/SSL, DNS, and IP routing — especially as applied in DMZ and extranet zones.
- Practical understanding of key IT security domains; experience with one or more of the following is advantageous: Public Key Infrastructure (PKI), Privileged Access Management (PAM), Secure Secrets Management (Vault), Multi-factor Authentication (MFA) frameworks.
- Minimum of 2–3 years in 2nd and 3rd line engineering or operations roles supporting enterprise-grade IT security services, ideally within complex, highly regulated environments (e.g., financial services).
Tech Stack
- Citrix
- DNS
- Firewalls
- Vault
Benefits
- Flexible working options
- Extensive career development programmes