Cyber Security Engineer - Web Application Firewall (8-10 yrs)

Roles & Responsibilities include :

- Perform Enterprise Web Application Firewall (WAF) policy management, architecture, configuration, management, troubleshooting, optimization, governance, risk assessment and automation.

- Perform Proxy policy operations and provide required support.

- End to End life cycle of Web Application Firewalls (F5, Akamai, Barracuda, Cloud).

- Proxy SWATs and Call to Work - US off hours.

- Perform migration of unprotected applications.

- Perform API security (Akamai/NoName) related operations & tasks.

Required Skills :

- Over 8 years of experience in Cybersecurity engineering with experience configuring, operating and managing forward and reverse proxies.

- Extensive experience providing SME level support in large, highly dynamic enterprise environment.

- Engineering, administrative, and operational experience supporting F5, Barracuda, Forcepoint, Secure Service Edge, Cloud Proxy and Cloud WAF platforms.

- Understanding and practical experience with web applications, web platforms, application firewalls, frameworks and protocols with respect to application development, deployment, and operation including tuning of policies and signatures.

- Strong understanding of TCP/IP, web protocols and networking concepts.

- Expertise with mainstream operating systems, web services, programming languages, regular expressions, analyzing log files, packet captures, network devices and attack vectors.

- Script writing and programming using common shell and mainstream languages.

- Senior level understanding of PKI Technology.

- Experience exploiting web apps and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks.

- Understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms.

Cyber Defense and Incident Response :

- Solid understanding of Incident Response process.

- Prior experience in Cybersecurity operations and Incident Response.

- Working level understanding of Cybersecurity operations and processes.

Desirable Skills :

- Excellent communication skills including metrics/performance documentation/presentation, technical drawing/architecture origination and modification.

- Operates well under pressure and urgent circumstances.

- Self-reliant and diligent in follow-through for assigned tasks.

- Ability to work with a geographically disperse team.

- Engaged collaborator, contributor and team player.

- CISSP, CISM, SANS GIAC, GWEB or relevant cybersecurity.

- Flexible to provide coverage in US morning hours on a need-basis, and as required.

- Experience working in an environment where coordination with multiple teams is essential to success.

- Ability to prioritize individual/group work in a high-stress and time-bound environment.