At Julius Baer, we celebrate and value the individual qualities you bring, enabling you to be impactful, to be entrepreneurial, to be empowered, and to create value beyond wealth. Let’s shape the future of wealth management together.
We are seeking an experienced Remote Access Engineer (Citrix NetScaler & Zscaler Private Access) to join our global security engineering team in Zurich. As the ideal candidate, you possess deep expertise in secure remote access technologies, strong authentication and identity integration skills, and hands-on experience operating enterprise-grade remote connectivity platforms within a regulated financial services environment. You are comfortable working across infrastructure, security, endpoint, and identity domains, ensuring that employees, contractors, and approved third parties can securely access corporate resources.
Your primary responsibilities will involve architecting, operating, and continuously improving the Bank’s Citrix NetScaler Gateway infrastructure, integrating and maintaining multi-factor authentication solutions, enforcing secure access and conditional access policies, and ensuring the resilience, security, and compliance of the Bank’s remote access services.
In addition, you will contribute to the design, implementation, and operationalisation of the Bank’s future Zscaler Private Access (ZPA) platform and support the evolution of the remote access landscape towards a modern Zero Trust Network Access (ZTNA) architecture. Working closely with IAM, Endpoint Management, Security Operations, and Global IT teams, you will help deliver secure, reliable, and scalable remote connectivity aligned with regulatory requirements and the Bank’s strategic security roadmap.
Beyond the remote access domain, you will also have the opportunity to contribute to and gain hands-on experience with other security services managed by the team, including Internet Proxy, Multi-Factor Authentication (MFA), Privileged Access Management (PAM), Public Key Infrastructure (PKI), and Secure Mail Gateway solutions. This provides an excellent opportunity for candidates looking to broaden their expertise across multiple security domains and further develop their security engineering career within a collaborative and highly skilled team.
YOUR CHALLENGE
- As part of a dedicated security engineering team, administer, configure, and continuously improve the Bank’s Citrix NetScaler ADC and NetScaler Gateway infrastructure, ensuring high availability, performance, scalability, and operational resilience across primary and disaster recovery environments
- Manage and maintain SSL-VPN and clientless access services, including virtual server configurations, authentication policies, rewrite rules, responder policies, and traffic steering mechanisms
- Design, implement, and maintain secure authentication and conditional access policies based on user identity, device type, network location, and contextual risk factors
- Participate in the design, implementation, and rollout of the Bank’s Zscaler Private Access (ZPA) platform, supporting the transition towards a modern Zero Trust Network Access architecture and contributing to technical design, testing, integration, and operational readiness activities
- Develop and maintain expertise across both Citrix NetScaler Gateway and Zscaler Private Access (ZPA) technologies, supporting the Bank’s strategic remote access roadmap and ensuring secure, seamless connectivity across multiple access platforms
- Plan, coordinate, and execute infrastructure upgrades, security patches, policy changes, and platform enhancements in accordance with established change management processes within a regulated financial environment
- Provide 2nd and 3rd level engineering support for the Bank’s remote access platforms, acting as an escalation point for complex incidents and participating in a shared 24/7 on-call rotation for critical services
YOUR PROFILE
- Highly proactive, solution-oriented, and capable of independently assessing, prioritising, and resolving complex technical challenges in a structured and efficient manner
- Strong analytical and conceptual thinking skills with a high level of attention to detail, particularly when working within business-critical and highly regulated environments
- Willingness and curiosity to learn new technologies and expand expertise across multiple security domains, contributing to the continuous evolution of the Bank’s security services
- University degree or higher technical education (university of applied sciences, federal diploma) in Computer Science, Information Security, or a related discipline — or equivalent practical experience
- Minimum 3–5 years of hands-on experience in IT Security or Infrastructure Engineering, with a strong focus on secure remote access, identity management, authentication technologies, and endpoint security
- In-depth expertise in Citrix NetScaler ADC and NetScaler Gateway, including hands-on experience with AAA policies, virtual server configuration, SSL-VPN services, high-availability deployments, authentication flows, and troubleshooting via both GUI and CLI
- Knowledge of Zero Trust Network Access (ZTNA) concepts and architectures; experience with Zscaler Private Access (ZPA) or comparable ZTNA technologies is considered an advantage
- Practical scripting and automation skills using one or more of PowerShell, Python, or Bash, including automation of certificate validation, health checks, log analysis, and operational tasks through REST APIs, Citrix Nitro API, or comparable interfaces
- Practical experience with Microsoft Entra ID (Azure AD), Active Directory, and hybrid identity environments
- Proven experience integrating remote access platforms with Multi-Factor Authentication (MFA) solutions and modern identity providers
- Strong understanding of endpoint compliance validation, device trust concepts, BYOD access models, and modern remote access security architectures
- Experience working within financial services or other highly regulated industries, with a solid understanding of regulatory and compliance requirements
- Experience supporting and operating business-critical infrastructure platforms with a focus on availability, resilience, performance, and security
- Strong communication and collaboration skills, with the ability to work effectively across global teams and translate technical concepts into practical solutions
- Fluent written and spoken English (B2/C1)
We are looking forward to receiving your full job application through our online application tool. Further interesting job opportunities can be found on our Career site.
Is this not quite what you are looking for? Set up a job alert by creating a candidate account here.