Lead Security Engineer - Application Runtime Protection

About The Position

Requirements

• Bachelor’s degree or equivalent knowledge in a relevant field such as computer science, computer engineering, or information technology.
• Five years of experience in security or demonstrated success in at least three years of similar security work.
• Demonstrated expertise in analyzing web traffic for known common attack patterns like SQLi, XSS, etc.
• Demonstrated leadership experience or potential.
• STAR experience with public speaking and examples of ownership situations in team settings.
• Expertise in reading and writing one core coding or scripting language (Java, Python, etc.).
• Experience in querying (SQL) and data manipulation (RegEx, etc.) across various toolsets.
• Ability to self-identify patterns in metadata across individual or multiple records.
• Good understanding of application security / shift-left and interest to learn and grow in runtime protections.

Nice To Haves

• Experience in detailed & organized documentation.
• Inclination to proactively learn and grow within a cybersecurity organization.
• Ability to think and judge independently to help application teams reduce their workload in identifying false positives.

Responsibilities

• Review policy level traffic on a weekly (or daily) basis and identify actions to tighten security across all programs (WAF, GenAI Guardrails, API).
• Present recommendations to policy owners (app development leads) and drive them to adopt your recommendations.
• Aggregate metrics for reporting.
• Contribute towards team or program improvements by identifying areas to improve and working with leadership to make changes.
• Contribute towards software development activities as needed.
• Maintain consistent documentation associated with all operational activities and all developed systems or integrations.
• Self-manage with touchpoints for clarity based on high-level directives.