Vacancy expired!
- Serve as a hands-on subject matter expert for WAF and BOT mitigation
- Provide analysis for WAF/ BOT mitigation designs and implementation plans
- Research website and API traffic telemetry and determine appropriate WAF/ BOT mitigation
- Analyze WAF/ BOT attack traffic to assess security risk, derive severity, and set mitigation priority
- Participate in planning efforts and implement incremental WAF/ BOT threat identification and mitigation improvements
- Participate in SOC and threat intelligence tasks providing security consulting
- Participate in and execute technical evaluations of pertinent new security technologies addressing emerging threats and industry trends
- Participate in modeling potential Digital application security threats and mitigations
- Deliver and resolve complex engineering problems spanning multiple applications to drive overall improvements in security across systems and applications
- Assist the Information Security team in monitoring and managing security systems and reviewing logs
- Respond to escalated security engineering issues for enterprise systems; facilitate and troubleshoot when necessary
- Serve as a security engineering resource for project teams throughout the implementation and maintenance of assigned information security solutions; contribute to the definition and governance of security documentation (e.g. guidelines, processes, procedures)
- Support Vulnerability Management efforts in reviewing security defects and providing remediation consulting to development teamsAssist development teams and Vulnerability Management with the prioritization of application security defects
- Bachelor's degree in Computer Science, CIS, Engineering, Cybersecurity, or related field (or equivalent work or military experience in a related field)
- 2 years of experience in technology system support, software development or a related field
- 1 year of experience with information security applications and systems
- 1 year of experience in database technologies
- 1 year of experience working on project(s) involving the implementation of solutions applying development life cycles (SDLC)
- 2 years of experience analyzing the output of industry-standard cybersecurity tools and identifying remediations to reduce risk and exposure of applications
- Working knowledge of WAF and BOT concepts and products (e.g. Akamai Kona/ BOT-Manager, Fastly Cloud WAF, Google Cloud Armor, etc.)
- Knowledge of browser security headers (e.g. CSP, HSTS, etc.)
- Experience implementing web application firewalls for e-Commerce sites
- Knowledge of API security gateway concepts and products (Apigee, Layer 7, DataPower, etc.)
- Experience in delivering security product deployments, integration, and operational efforts
- Experience facilitating vendor security product requests for engineering requirements, enhancements, maintenance, and configuration
- Familiarity with OWASP Top 10 and/or SANS Top 25
- Familiarity with one or more of the following development languages: Java, Python, JavaScript/Node.js, GO, PHP
- Familiarity of Magecart style attacks and mitigation solutions
Vacancy expired!