Senior Security Engineer - CIAM XDP
Barclays Bank Plc, Whitehall, City of Westminster
Senior Security Engineer - CIAM XDP
Salary not available. View on company website.
Barclays Bank Plc, Whitehall, City of Westminster
- Full time
- Permanent
- Onsite working
Posted 2 weeks ago, 1 Jun | Get your application in now before you miss out!
Closing date: Closing date not specified
Job ref: 5d2c4939380043eea5f3de4cc86f293c
Location ref: Whitehall, City of Westminster
Full Job Description
Job OverviewSenior Security Engineer for CIAM at Barclays, responsible for developing, implementing, and maintaining cryptographic solutions, identity and access management (IAM) systems, and security controls for banking systems and sensitive information.ResponsibilitiesDevelop, implement, and maintain solutions that safeguard banking systems and sensitive information.Provide subject matter expertise on security systems and engineering patterns.Develop and implement protocols, algorithms, and software applications to protect sensitive data and systems.Manage and protect secrets, ensuring secure generation, storage, and usage.Execute audits to monitor, identify, and assess vulnerabilities in the bank's infrastructure and software.Support response to potential security breaches.Identify advancements to support innovation and adoption of new cryptographic technologies and techniques.Collaborate with developers and security teams across the bank to align cryptographic solutions with business
objectives, security policies, and regulatory requirements.Develop, implement, and maintain Identity and Access Management (IAM) solutions and systems.QualificationsExperience across configuration and integration with Hardware Security Module (HSM) and AWS Secrets Manager (ASM) tooling, certificate lifecycle management (e.g., rotation, revocation), and automating security workflows.Experience using GitLab CI/CD pipelines, AWS CLI or Chef.Strong experience with Cloud Security, including AWS security controls, policies and automation, CLI tools, role-based and attribute-based access controls, cryptographic protocols, secure key lifecycle management, advanced threat modeling, SOC operations, securing microservices and APIs, DevSecOps best practices, vulnerability scanning, tools, approaches, vulnerability patching, and vendor management for security.Strong experience in penetration testing and hands-on coding in at least one of: JavaScript, Java, Python.Hands-on configuration, deployment and
operation of ForgeRock COTS-based IAM solutions (e.g., PingGateway, PingAM, PingIDM, PingDS) with embedded security gates, HTTP header signing, access token and data-at-rest encryption, PKI-based self-sovereign identity, or open source.Assessment of key critical skills: risk and controls, change and transformation, business acumen, strategic thinking, digital and technology, and job-specific technical skills.LocationLondon office.
#J-18808-Ljbffr