Cybersecurity Engineer

About The Position

Requirements

• 2+ years of relevant work experience and a Bachelors degree, OR 5+ years of relevant work experience

Nice To Haves

• 3 or more years of work experience with a Bachelor’s Degree or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD)
• Experience with one or more: Akamai, AWS CloudFront, Cloudflare, or other CDN solutions
• Experience with one or more of the following: Imperva WAF, F5 WAF, and CDN Firewall
• Experience with API Security solutions such as Imperva API Anywhere, Cloudflare API Shield, or other similar solutions
• Web Application Firewall Experience (Must have)
• Experience with one or more of the following: SecDevOps Experience
• Expertise in one or more of the following: Python, Perl, shell scripting, C++, Java, Java Script
• Excellent experience in creating Regular Expressions for security polices and rules
• Experience in maintaining and enhancing infrastructure as code with one or more of the following: CloudFormation, Terraform, Chef, Puppet, Jenkins, CodeDeploy
• Experience with using knowledge management and code repositories with GitHub, Gitlab, Jira, and Confluence
• Experience with Lambda, API Gateway, API Security controls including API Inventory, Runtime detection of threats, and Offensive Security testing or API DAST
• Experience with API Security solutions such as Imperva API Anywhere, Cloudflare API Shield, or other similar solutions

Responsibilities

• Web Application Security: Engineering, deployment, and operations of security solutions, including Web Application Firewalls, as well as integration of those platforms with other solutions as required.
• Security Software Development: Scripting and Development in Python, Shell scripting and development in other languages.
• Engineers, configures, deploys, and maintain Web Application Firewall solutions.
• Develop scripts for manipulation of multiple data repositories to support analysts.
• Develop alerts/reports to meet the requirements of key stakeholders.
• Develops automation for security tools management and workflow integration.
• Collaboration with key stakeholders within Cybersecurity Engineering teams to develop specific use cases to address web and application security requirements.
• Creates WAF rules to mitigate threats and implement security best practices.
• Develop and enhance SIEM content for Cybersecurity teams, including correlations, enrichments, dashboards, reports, and alerts that appropriately illustrate and characterize web application attacks and mitigation mechanisms.
• Application Security: Knowledge of SSDLC processes, procedures, and tools.
• Knowledge of open source and commercial application security tools and frameworks, including but not limited to Kali Web application testing tools.
• Experience in exploiting web apps and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks such as Broken Object Level Authorization (BOLA).
• Excellent understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms.
• Strong experience with Web Application Firewall management and rules.
• Excellent understanding of common network and web protocols.
• Excellent understanding of DDoS, Bot, and ATO techniques and mitigation mechanisms.
• Cyber Defense and Incident Response: Solid understanding of events, related fields in log records and alerts reported by various data sources such as Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies.
• Prior experience or support of Security Operations and Incident Response.
• Excellent understanding of Cyber Security Operations and Incident Response processes.
• Infrastructure management and support: System administration experience with Windows and Unix servers.
• Experience working in a large enterprise environment.
• Experience integrating solutions in a multi-vendor environment.
• Familiarity with Atlassian JIRA.

Benefits

• Medical
• Dental
• Vision
• 401 (k)
• FSA/HSA
• Life Insurance
• Paid Time Off
• Wellness Program