WAF Security Engineer

The College Board-posted about 1 year ago
$120,000 - $131,000/Yr
Full-time • Mid Level
Remote • New York, NY
Educational Services
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The WAF Security Engineer at College Board is responsible for developing, supporting, tuning, and deploying advanced web application security solutions, including Web Application Firewalls (WAF), DDoS protection, and bot mitigation. This role requires collaboration with various cybersecurity and engineering teams to address complex security challenges and ensure the protection of the organization's cloud infrastructure. The position is fully remote, requiring work during core EST hours, and involves providing 24/7 support for security-related issues.

  • Engineer, configure, deploy, and maintain Web Application Firewall solutions.
  • Develop advanced scripts for manipulation of multiple data repositories to support analyst requirements.
  • Develop advanced alerts/reports to meet the requirements of key stakeholders.
  • Develop scalable security management tools and processes.
  • Develop automation for security tools management and workflow integration.
  • Collaborate with key stakeholders within Cybersecurity and Engineering teams to develop use cases to address specific business needs.
  • Create WAF rules to mitigate threats and implement best practices.
  • Develop new SIEM content for Cybersecurity teams, including correlations, enrichments, dashboards, reports, and alerts that appropriately characterize web application attacks and mitigation mechanisms.
  • Provide rotating 24/7 support for security-related issues.
  • 3+ years' experience as a Security Engineer with strong focus on Akamai WAF platforms.
  • Understanding of OWASP risks, vulnerabilities and mitigation mechanisms.
  • Experience managing Web Application Firewalls and rules.
  • Expertise in exploiting web apps and web services security vulnerabilities (XSS, CSRF, SQL injection, DoS, XML/SOAP, API attacks).
  • Proficiency in system exploits (Buffer Overflows, PTH attacks, Windows authentication framework, etc.).
  • Understanding of common network and web protocols.
  • Knowledge of DDoS techniques and mitigation.
  • Familiarity of event logs and alerts from various data sources (Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, web proxies).
  • Willingness and ability to provide 24/7 support, rotating primary and secondary support roles within the team.
  • Authorization to work in the United States.
  • Knowledge of SSDLC processes and application security tools and frameworks, including Kali Linux Web application testing tools (Burp Suite, Nikto, Maltego, SQLMap).
  • Experience in Cyber Security Operations, Digital Forensics, Threat Hunting, and Incident Response.
  • System administration experience in a Windows and Unix environment.
  • Health insurance
  • Dental insurance
  • Vision insurance
  • Generous paid time off
  • Paid parental leave
  • Fertility benefits
  • Pet insurance
  • Tuition assistance
  • Retirement benefits
  • Annual bonuses
  • Salary growth opportunities
  • Merit raises and promotions based on increased scope of responsibility
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Network Security Engineer Resume Examples
Network Security Engineer Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service