Senior Cybersecurity Specialist

Job Description

We are seeking an experienced security professional to join our team as a Senior Security Engineer. This is an exciting opportunity for someone who wants to make a significant impact on our organization's cybersecurity posture.

The ideal candidate will have a strong background in network security, with a focus on application layer security and web application firewalls (WAFs). They will be responsible for maintaining enterprise best practice configurations guidelines for WAF usage across the organization, developing baseline WAF security rulesets based on vendor best practices, and supporting application teams with rule deployments, log enrichment analysis, and rule recommendations.

The successful candidate will also consult with Cyber Defense stakeholders to assist with operationalizing WAF alerting to SOC, supporting runbook development, and effectively communicating technical concepts to business lines and stakeholders. Additionally, they will collaborate with other security and network engineers to support other network security related projects.

• Maintain enterprise best practice configurations guidelines for WAF usage across TR
• Develop maintain baseline WAF security rulesets based on vendor TR best practices
• Support application team WAF onboarding with rule deployments, log enrichment analysis, and rule recommendations based on analysis
• Consult with Cyber Defense (SOC, CIRT, Threat Detection) stakeholders to assist with operationalizing WAF alerting to SOC supporting runbook development
• Effectively communicate technical concepts to business lines and stakeholders
• Collaborate with other security and network engineers to support other network security related projects such as network IDS/IPS, network DLP, and SSL inspection

Required Skills and Qualifications

To be considered for this role, you will need to have a bachelor's degree and/or 7+ years of relevant professional experience in network security/network engineering. You should also have a minimum of 5 years in network security with a strong focus on application layer security, and at least 2 years of working experience with WAF solutions.

• Bachelor's degree preferred and/or 7+ years of relevant professional Network Security / Network Engineering experience
• Minimum of 5 years in network security with a strong focus on application layer security, with at least 2 years of working experience with WAF solutions
• Solid understanding of OWASP Top 10 and experience testing the most common injection vulnerabilities: Cross-site Scripting (XSS), XML External Entities (XXE), SQL Injection (SQLi), OS Command Injection.
• Understanding of Denial of Service (DoS) and Distributed DoS attacks at the Network, Transport and Application layer.
• Strong scripting and automation skills using languages such as Python and additionally Powershell
• Proven experience with maintaining enterprise WAF capabilities with providers such as Cloudflare, Mod Security or cloud native WAF services such as AWS WAF
• In-depth knowledge of security principles, protocols, and best practices.
• Proficient in analyzing large datasets using tools like Splunk, Datadog, or other SIEM/logging technologies
• Experience with cloud platforms such as AWS, Azure, Google Cloud, and/or OCI.

Benefits

This is an exciting opportunity for someone who wants to grow their career in a dynamic and innovative environment. We offer competitive salaries, comprehensive benefits, and opportunities for professional growth and development.

• Ability to work independently while driving projects to conclusion
• Experience testing less common injection vulnerabilities: Server-side Request Forgery (SSRF), Server Side Template Injection (SSTI), Insecure Deserialization, LDAP Injection, NoSQL Injection, Expression Language Injection.
• Experience with configuration management through git based source control
• Experience with Infrastructure as Code (IaC) such as Terraform, CloudFormation, ARM or Bicep.
• Experience with other network security technologies such as IDS/IPS, NextGen Firewalls, network DLP, and SSL inspection capabilities.
• Understanding of network transport protocols and services (TCP/IP, syslog, DNS, VLANs, VRF, SFTP, SSH, PKI, etc )
• Unix/Linux knowledge, can operate in a Linux environment

Others