Lead Information Security Engineer iWeb Application Security

About The Position

Requirements

• 5+ years of Information Security Engineering experience, or equivalent (work experience, training, military, education)
• 2+ years in-depth knowledge and troubleshooting of HTTP-based web applications
• 5+ years implementing WAF signatures or virtual patches
• 5+ years hands-on with enterprise scale Web Application Firewalls
• 2+ years intermediate to advanced scripting/automation (e.g., Bash, Ansible playbook/role development, PowerShell, Python)
• 2+ years advanced understanding of network concepts (DNS, firewalls, load balancing)
• 1+ year change and incident management in medium/large enterprise environments
• 1+ year with Agile methodologies (Scrum or Kanban)
• 1+ year basic understanding of TLS, certificates, and mTLS authentication

Nice To Haves

• Strong verbal, written, and interpersonal communication skills
• Deep WAF concepts knowledge and hands‑on policy engineering
• Demonstrated experience tuning false positives/false negatives, including custom rules and exceptions
• Practical knowledge of data and perimeter security (firewalls, IDS/IPS) and network protocols
• Understanding of network security architectures and standards development
• Familiarity with web security signatures, web firewall policy design, and global load balancing strategies
• Experience with bot mitigation strategies and API security (e.g., endpoint discovery, authentication/authorization patterns, schema validation, rate limiting)
• Experience with application onboarding/offboarding to edge/WAF protection stacks
• Exposure to Information Security frameworks/standards (FFIEC, NIST, ISO)
• Hands‑on Saas/web application security configuration at scale
• Experience protecting large consumer web properties (e.g., high‑traffic, high‑visibility domains)
• Applied protections against cross‑site scripting, injection, and common OWASP Top 10 issues
• Comfort explaining OSI stack layers, especially the difference between network‑layer DDoS (L3/L4) and application‑layer DDoS (L7)

Responsibilities

• Lead incident response for moderately complex events affecting public web applications, with emphasis on Layer‑7 attack detection, triage, containment, and recovery.
• Provide security consulting to internal application stakeholders, ensuring conformance with enterprise security policies and standards.
• Design, document, test, and maintain security controls for web applications at the edge.
• Engineer, deploy, and tune WAF policies/signatures (e.g., cross‑site scripting, injection, protocol anomalies), bot detection/mitigation, API protection (rate limiting, schema/behavior enforcement), and Layer‑7 DDoS defenses.
• Implement and refine rate limiting for web and API endpoints to ensure resiliency, performance, and abuse prevention.
• Review and correlate security logs and telemetry across edge providers and on‑prem platforms; distinguish real attacks from false positives.
• Apply industry best practices in availability, integrity, confidentiality, risk management, threat modeling, monitoring, incident response, access management, and business continuity.
• Collaborate across security engineering, networking, application owners, and operations to resolve issues and achieve shared goals.
• Support application onboarding/offboarding to the SaaS providers, using knowledge of DNS, WAF, L7 DDoS, bot policies, and GLB/routing considerations.