Senior Security Engineer

About the Role:

In this opportunity as a Senior security Engineer, you will:

• Maintain enterprise best practice configurations & guidelines for WAF usage across TR
• Develop & maintain baseline WAF security rulesets based on vendor & TR best practices
• Support application team WAF onboarding with rule deployments, log enrichment & analysis, and rule recommendations based on analysis
• Consult with Cyber Defense (SOC, CIRT, Threat Detection) stakeholders to assist with operationalizing WAF alerting to SOC & supporting runbook development
• Effectively communicate technical concepts to business lines and stakeholders
• Collaborate with other security and network engineers to support other network security related projects such as network IDS/IPS, network DLP, and SSL inspection
• Collaborate with ISRM stakeholders such as security architecture, product security, incident response, and threat detection to ensure services are meeting stakeholder expectations
• Consult with application teams on supporting development of rate limiting & bot management rules

About you:

You're a fit for the role of Senior security Engineer if your background includes:

• Bachelors degree preferred and/or 7+ years of relevant professional Network Security / Network Engineering experience
• Minimum of 5 years in network security with a strong focus on application layer security, with at least 2 years of working experience with WAF solutions
• Solid understanding of OWASP Top 10 and experience testing the most common injection vulnerabilities: Cross-site Scripting (XSS), XML External Entities (XXE), SQL Injection (SQLi), OS Command Injection.
• Understanding of Denial of Service (DoS) and Distributed DoS attacks at the Network, Transport and Application layer.
• Strong scripting and automation skills using languages such as Python and additionally Powershell
• Proven experience with maintaining enterprise WAF capabilities with providers such as Cloudflare, Mod Security or cloud native WAF services such as AWS WAF
• In-depth knowledge of security principles, protocols, and best practices.
• Proficient in analyzing large datasets using tools like Splunk, Datadog, or other SIEM/logging technologies
• Experience with cloud platforms such as AWS, Azure, Google Cloud, and/or OCI.
• Ability to work independently while driving projects to conclusion

Preferred Qualifications

• Experience testing less common injection vulnerabilities: Server-side Request Forgery (SSRF), Server Side Template Injection (SSTI), Insecure Deserialization, LDAP Injection, NoSQL Injection, Expression Language Injection.
• Experience with configuration management through git based source control
• Experience with Infrastructure as Code (IaC) such as Terraform, CloudFormation, ARM or Bicep.
• Experience with other network security technologies such as IDS/IPS, NextGen Firewalls, network DLP, and SSL inspection capabilities.
• Understanding of network transport protocols and services (TCP/IP, syslog, DNS, VLANs, VRF, SFTP, SSH, PKI, etc)
• Unix/Linux knowledge, can operate in a Linux environment