Safer Payments Support Engineer

Job description / Role

Description

IBM Safer Payments support engineer to provide production support and ensure stability and performance of the IBM Safer Payments platform. This onsite technology operation support engineer will support all the L1 and L2 pre-production and production deployments, investigation, enhancement, and issues resolution.

Technical requirements

One onsite support engineer:

• IBM Safer Payments support engineer
• Monitor and support the IBM Safer Payments preproduction and production environment 24/7.
• Troubleshoot and resolve incidents and performance issues.
• Collaborate with internal teams for escalations and fixes.
• Ensure compliance with operational SLAs and security standards.
• Provide documentation and knowledge transfer as needed.
• 8+ years experience in IBM Safer Payments.

Cybersecurity requirements

During the course of the engagement with the consulting partner, several areas will be guided and influenced by the cybersecurity policies and rules which are derived from the central bank guidelines. Such as:

• Should have the right to audit and assess the provided solution at any time.
• The solution should be on premises.
• All employees working on the solution shall be on site; no remote working is allowed.
• System should have data encryption at rest, display, and in motion.
• Integration with SIEM, and the system must have a logging capability (audit logging, security logging).
• System must produce logs to be stored on file on the server level or streamed to SIEM.
• System must generate audit trails of all activities done by the admin, user, or customer such as creating meetings, meeting reminders, etc.
• System must generate security logs of each activity to cover login, logout, password reset, password change, change of permissions, change of roles, etc.
• System must store logs for at least 30 days and then archive them for one year with a sharing process of how to restore archives during security incidents.
• System must generate event logs when logs are tampered with or changed.
• System must have protected logs from tampering or deleting.
• System must generate logs when configuration is changed by admin or user.
• System must generate logs when files or folders are changed.
• Databases or tables to store data will not be accepted as logs.
• System must provide enriched data on the event log showing source IP, destination IP, event type, time, user, actioned user, details of action, and any additional information that might support cybersecurity cases.
• Middleware systems that transfer logs are not accepted as log sources.
• System must generate logs on all attempts including successful or failed attempts.
• System must generate logs when starting, stopping, or restarting system processes and events.
• Integration with AD/LDAP.
• Role-based access control (RBAC) access control.
• Multi-factor authentication.
• If the system supports multiple user roles, the permission should be defined.
• Implement a strong password policy.
• A secure session management system that includes authentication, session locking, and session expiration.

Description quantity

Onsite IBM Safer Payments support engineer: 12