The Responsibilities
- Engineers, configures, deploys, and maintains Web Application Firewall solutions
- Develops advanced scripts for manipulation of multiple data repositories to support analyst requirements
- Develops advanced alerts/reports to meet the requirements of key stakeholders
- Develops scalable security management tools and processes
- Develops automation for security tools management and workflow integration
- Collaborates with key stakeholders within Cybersecurity and Engineering teams to develop specific use cases to address specific business needs
- Creates WAF rules to mitigate threats and implements best practices
- Develops new SIEM content for Cybersecurity teams, including correlations, enrichments, dashboards, reports, and alerts that appropriately characterize web application attacks and mitigation mechanisms
The Requirements
- 5 or more years of relevant work experience with a bachelor's degree, or at least 2 years of work experience with an advanced degree (e.g., Master's, MBA, JD, MD), or 0 years of work experience with a PhD.
- Experience with one or more of: Akamai, AWS CloudFront, Cloudflare CDN and other CDN solutions.
- Experience with one or more of the following: Imperva Web Application Firewall, F5 WAF, and CDN Firewall.
Bonus Points If You Have Experience with One Or More of The Following
SecDevOps:
- Expert Python, Perl, and shell scripting. Development experience in C++, Java, JavaScript.
- SecDevOps experience in maintaining and enhancing infrastructure as code with Terraform, Puppet, or Jenkins.
- Experience with using knowledge management and code repositories, including GitHub, GitLab, Jira, and Confluence.
- Experience with Lambda, API Gateway.
Application Security:
- Knowledge of SSDLC processes.
- Required knowledge of open source and commercial application security tools and frameworks, including but not limited to Kali Web application testing tools.
- Experience in exploiting web apps and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks.
- Excellent understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms.
- Well versed in system exploits (e.g., buffer overflows, PTH attacks, Windows authentication framework, etc.)
- Excellent understanding of common network and web protocols.
- Excellent understanding of DDoS techniques and mitigation mechanisms.
Cyber Defense and Incident Response:
- Solid understanding of events, related fields in log records and alerts reported by various data sources such as Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies.
- Prior experience in Security Operations and Incident Response.
- Excellent understanding of Cyber Security Operations and Incident Response processes.
Infrastructure management and support:
- System administration experience in a Windows and Unix environment.
- Experience working in a large enterprise environment.
- Experience integrating solutions in a multi-vendor environment.
- Familiarity with Atlassian JIRA.