We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It’s about showing how you embody our valued behaviours – do the right thing, better together and never settle – as well as our brand promise, Here for good.
We’re committed to promoting equality in the workplace and creating an inclusive and flexible culture – one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
Job Title: Senior Security Specialist ForgeRock
The Role Responsibilities
- Would be responsible for transitioning multi-factor authentication capabilities for Desktop and Password-less authentication from project phase to operate phase
- Manages and continuously enhances capabilities within Security Technology service portfolio.
- Act as a subject matter expert for resolving Level 3 issues
- Provide subject matter expertise in ForgeRock Access Manager, ForgeRock Directory Services, Oracle Unified Directory, Secret Double Octopus tools to the build authentication capabilities.
- Responsible for Development, Testing, and implementing authentication solutions, preferably using a DevOps approach
- The role partners with technical teams and senior architects to analyse technical and non-technical requirements to build robust authentication solution for Desktop MFA and Passwordless
- Operates various Authentication technology tools, based on niche specialization such as Passwordless authentication
- Assist the Service and Project Team in troubleshooting and remediating issues
- Work collaboratively as a member of a Team to build and develop technical Identity and Access Management solutions
- Coordinate solution implementation, advisory, problem management, change control and incident response.
- Collaborates with business teams, infra teams, security operations and offers technical guidance
- Develops, tracks and analyses actionable metrics to continuously improve tooling and procedures and provide visibility of operations to management.
- Performs security assessments and vulnerability analysis as required to justify risk tolerances and acceptances
- Documentation of security infrastructure, implementation, operational manuals and developing configurations to meet new business requests
- Review findings from and Identify root causes for common issues and provide recommendations for sustainable improvement.
Our Ideal Candidate
- A Bachelor’s degree in Engineering or related fields
- 8 – 10 years of progressive IAM experience with focus on Authentication with at least 4 years in delivering enterprise solutions for modern authentication mechanism
- Strong understanding of Secret Double Octopus tooling, ForgeRock Directory Services (Open DS), Oracle Unified Directory, ForgeRock Access Manager (OpenAM), ForgeRock Identity Gateway and Active & (Azure AD) Directory (desirable)
- Must have experience in implementation of authentication technologies and federated identity standards and protocols (multifactor authentication, secure-key, SSO, LDAP Kerberos, OAuth, SAML, OpenID Connect) at an enterprise scale
- Skillsets in the following would be an advantage
- Programming experience in Java/J2EE, Spring/Hibernate, Rest APIs, JSON, XML
- Working knowledge of Containers and container orchestration platform
- Knowledge on version control tools (SVN, GitHub), Groovy scripts.
- Must have a clear understanding of the concepts of Identity and Access Management and related workflows.
- Experience in working with geographically dispersed teams, preferably in the Financial Services industry.
- Experience with enterprise applications (architecture, development, support, and troubleshooting).
- Experience and exposure to threat modelling and design reviews to assess security implications and requirements for introduction of new technologies.
- Strong interpersonal and communication skills; ability to work in a team environment
- Ability to work independently with minimal direction; self-starter/self-motivated
- Technical writing experience is a plus
- Industry certifications like CISSP, ForgeRock related certifications would be plus