Private Banking Internet Proxy and Remote Access Security Engineer

GENERAL DESCRIPTION

Julius Baer Group Ltd. acts in the sector Private Banking and is present in over 25 countries and around 60 locations. With the Headquartered in Zurich, we have offices in key locations including Bangkok, Dubai, Dublin, Frankfurt, Geneva, Hong Kong, London, Luxembourg, Madrid, Mexico City, Milan, Monaco, Mumbai, Santiago de Chile, São Paulo, Shanghai, Singapore, Tel Aviv and Tokyo.

Join our global team and play a critical role in safeguarding our digital landscape as an IT Security Engineer. We're seeking a skilled expert to contribute to the engineering and operations of our Internet proxy (Zscaler) and remote access (Citrix NetScaler) solutions.

KEY FEATURES OF THE POSITION

Main Job Responsibilities

• Play a key role in the design, implementation, and operational governance of Julius Baer's secure web and remote access infrastructure, ensuring resilient, policy-compliant connectivity for thousands of users across global offices and remote locations.
• Operate and maintain the enterprise Zscaler Internet Access (ZIA) platform.
• Administer and support Citrix NetScaler (now Citrix ADC) as the primary gateway for corporate SSL-VPNs and secure BYOD access to internal applications.
• Support adoption of Zscaler Private Access (ZPA).
• Lead incident resolution for complex disruptions, serving as a Tier 2/Tier 3 escalation point through detailed root cause analysis (RCA), corrective actions, and implementation of preventative controls to strengthen service resilience.
• Ensure full compliance of internet proxy and remote access solutions with Julius Baer's information security policies, regulatory frameworks, and internal audit requirements, maintaining rigorous control over access entitlements and cryptographic material.
• Maintain authoritative technical documentation in Confluence, covering system architectures, operational procedures, integration specifications, and post-incident reviews to support knowledge sharing and operational continuity.
• Drive continuous service improvement by enhancing system reliability, security posture, performance, observability, and automation, with a clear focus on increasing operational efficiency and reducing manual effort.
• Stay ahead of emerging threats and technological developments in web security, encrypted traffic analysis, and identity-centric access models - recommending strategic upgrades, architectural refinements, and new controls to future-proof the bank's infrastructure.

Client Management (internal & external)

• Various IT functions, both regionally and globally
• Local Legal and Compliance functions

Business Management

• Key local stakeholders include IT Service Owners, IT Infrastructure, IT Application Managers, IT Architecture and Project Managers
• CRO functions - including Business Operational Risk, Information Security and Compliance functions
• Global functions - IT Security Solutions, Security Architecture
• Establish strong relationship with key stakeholders and across the internal IT

Regulatory Responsibilities &/OR Risk Management

Ensure appropriate ethical and compliant behaviour within the area of responsibility by clear demonstration of appropriate values and behaviours including but not limited to standards on honesty and integrity, due care and diligence, fair dealing (treating customers fairly), management of conflicts of interest, competence and continuous development, adequate risk management, and compliance with applicable laws and regulations

SKILLS REQUIREMENTS OF THE POSITION

Professional and Technical

• Profound understanding of security best practices of web applications and APIs
• Solid understanding of web communication protocols such as HTTP, TLS, Websocket, etc
• Hands-on operational experience with highly available and scalable web infrastructure
• Hands-on experience with operating WAF or reverse-proxy solutions such as F5, Imperva, Nevis, Cloudflare, or open-source alternatives like ModSecurity
• Experience in software engineering (Java, Spring Boot, React, Typescript) and operational experience with Kubernetes-based environments
• Strong troubleshooting and structured problem-solving skills
• Skilled in log analytics and correlation, with hands-on experience in Splunk, Elastic or similar toolings, to investigate incidents and identify root causes
• Familiarity with the implementation of authentication and federation mechanisms such as SAML, OAuth and OIDC and FIDO
• Good technical foundation of Linux operating systems and its command line tools
• Relevant academic background (e.g., Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field) or industry-recognized certifications (e.g. CISSP) with relevant practical knowledge is desired

Personal and Social

• Team player, strong collaborator with the willingness to take ownership
• Excellent communication skills in spoken and written form
• Strong desire to learn and develop new skills
• Methodical and results-driven approach to new challenges and tasks
• Independent and self-driven
• Ability to thrive in a globally distributed team environment

Regulatory

• Good understanding of the technology regulatory framework in Singapore and Hong Kong

RANK APPLICABLE TO THE POSITION

• Rank: Associate Director