diff --git a/apps/user-service/src/main/java/com/gltkorea/icebang/config/SecurityConfig.java b/apps/user-service/src/main/java/com/gltkorea/icebang/config/SecurityConfig.java
deleted file mode 100644
index 75a5c6af..00000000
--- a/apps/user-service/src/main/java/com/gltkorea/icebang/config/SecurityConfig.java
+++ /dev/null
@@ -1,28 +0,0 @@
-package com.gltkorea.icebang.config;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.core.env.Environment;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.NoOpPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
-
-import lombok.RequiredArgsConstructor;
-
-@Configuration
-@RequiredArgsConstructor
-public class SecurityConfig {
- private final Environment environment;
-
- @Bean
- public PasswordEncoder bCryptPasswordEncoder() {
- String[] activeProfiles = environment.getActiveProfiles();
-
- for (String profile : activeProfiles) {
- if ("dev".equals(profile) || "test".equals(profile)) {
- return NoOpPasswordEncoder.getInstance();
- }
- }
- return new BCryptPasswordEncoder();
- }
-}
diff --git a/apps/user-service/src/main/java/com/gltkorea/icebang/config/security/SecurityConfig.java b/apps/user-service/src/main/java/com/gltkorea/icebang/config/security/SecurityConfig.java
new file mode 100644
index 00000000..8a81b429
--- /dev/null
+++ b/apps/user-service/src/main/java/com/gltkorea/icebang/config/security/SecurityConfig.java
@@ -0,0 +1,56 @@
+package com.gltkorea.icebang.config.security;
+
+import java.security.SecureRandom;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.env.Environment;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+
+import com.gltkorea.icebang.config.security.endpoints.SecurityEndpoints;
+
+import lombok.RequiredArgsConstructor;
+
+@Configuration
+@RequiredArgsConstructor
+public class SecurityConfig {
+ private final Environment environment;
+
+ @Bean
+ public SecureRandom secureRandom() {
+ return new SecureRandom();
+ }
+
+ @Bean
+ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+ return http.authorizeHttpRequests(
+ auth ->
+ auth.requestMatchers(SecurityEndpoints.PUBLIC.getMatchers())
+ .permitAll()
+ .requestMatchers(SecurityEndpoints.ADMIN.getMatchers())
+ .hasRole("ADMIN")
+ .requestMatchers(SecurityEndpoints.USER.getMatchers())
+ .hasRole("USER")
+ .anyRequest()
+ .authenticated())
+ .formLogin(form -> form.loginPage("/login").defaultSuccessUrl("/").permitAll())
+ .logout(logout -> logout.logoutSuccessUrl("/login").permitAll())
+ .build();
+ }
+
+ @Bean
+ public PasswordEncoder bCryptPasswordEncoder() {
+ String[] activeProfiles = environment.getActiveProfiles();
+
+ for (String profile : activeProfiles) {
+ if ("dev".equals(profile) || "test".equals(profile)) {
+ return NoOpPasswordEncoder.getInstance();
+ }
+ }
+ return new BCryptPasswordEncoder();
+ }
+}
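Review bot: `bCryptPasswordEncoder()` returns `NoOpPasswordEncoder` as soon as `dev` or `test` appears anywhere in the active profiles, so a deployment that activates one of them alongside its real profile would store and compare passwords in plaintext, and neither the bean name nor any log line reveals it. The method is carried over unchanged from the deleted `config/SecurityConfig.java`, but it now sits next to the filter chain that guards the admin and user routes. It would be safer to hash in every profile and only lower the work factor for local runs, e.g. `return new BCryptPasswordEncoder(4);` in the dev/test branch. If plaintext fixtures are really needed, a test-scoped configuration class keeps `NoOpPasswordEncoder` out of the shipped artifact. At minimum, add a Javadoc on the method stating which profiles disable hashing and why.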
diff --git a/apps/user-service/src/main/java/com/gltkorea/icebang/config/security/endpoints/SecurityEndpoints.java b/apps/user-service/src/main/java/com/gltkorea/icebang/config/security/endpoints/SecurityEndpoints.java
new file mode 100644
index 00000000..0a24605f
--- /dev/null
+++ b/apps/user-service/src/main/java/com/gltkorea/icebang/config/security/endpoints/SecurityEndpoints.java
@@ -0,0 +1,20 @@
+package com.gltkorea.icebang.config.security.endpoints;
+
+public enum SecurityEndpoints {
+ PUBLIC(
+ "/", "/login", "/register", "/api/public/**", "/health", "/css/**", "/js/**", "/images/**"),
+
+ ADMIN("/admin/**", "/api/admin/**", "/management/**", "/actuator/**"),
+
+ USER("/user/**", "/api/user/**", "/profile/**", "/dashboard");
+
+ private final String[] patterns;
+
+ SecurityEndpoints(String... patterns) {
+ this.patterns = patterns.clone();
+ }
+
+ public String[] getMatchers() {
+ return patterns.clone();
+ }
+}
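Review bot: In `USER`, `"/dashboard"` is the only pattern without a `/**` suffix, so any path below it (if one exists) would not match the `hasRole("USER")` rule and would fall through to the filter chain's `anyRequest().authenticated()`, which checks login but not role. If sub-paths are meant to be role-protected, list both forms: `USER("/user/**", "/api/user/**", "/profile/**", "/dashboard", "/dashboard/**");`. A Javadoc on the enum would also help, stating that `PUBLIC` patterns bypass authentication entirely and that precedence comes from the order of the `requestMatchers` calls in `SecurityConfig`. `getMatchers()` returns raw path patterns rather than matcher objects, which the Javadoc (or a rename) should make clear.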