WAF Security Engineer

6 days ago

Apply Now

Receive Emails with Similar Jobs

The College Board

WebsiteLinkedInAll Job Openings

Education • Education Policy

1001 - 5000 employees

Founded 1900

📚 Education

🤝 Non-profit

Description

• Engineer, configure, deploy, and maintain Web Application Firewall solutions. • Develop advanced scripts for manipulation of multiple data repositories to support analyst requirements. • Develop advanced alerts/reports to meet the requirements of key stakeholders. • Develop scalable security management tools and processes. • Develop automation for security tools management and workflow integration. • Collaborate with key stakeholders within Cybersecurity and Engineering teams to develop use cases to address specific business needs. • Create WAF rules to mitigate threats and implement best practices. • Develop new SIEM (Security Information and Event Management) content for Cybersecurity teams, including correlations, enrichments, dashboards, reports, and alerts that appropriately characterize web application attacks and mitigation mechanisms. • Provide rotating 24/7 support for security-related issues.

Requirements

• 3+ years’ experience as a Security Engineer with strong focus on Akamai WAF platforms. • Understanding of OWASP risks, vulnerabilities and mitigation mechanisms. • Experience managing Web Application Firewalls and rules. • Expertise in exploiting web apps and web services security vulnerabilities (XSS, CSRF, SQL injection, DoS, XML/SOAP, API attacks). • Proficiency in system exploits (Buffer Overflows, PTH attacks, Windows authentication framework, etc.). • Understanding of common network and web protocols. • Knowledge of DDoS techniques and mitigation. • Familiarity of event logs and alerts from various data sources (Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, web proxies). • Willingness and ability to provide 24/7 support, rotating primary and secondary support roles within the team. • Authorization to work in the United States. • Additional nice-to-haves: Knowledge of SSDLC processes and application security tools and frameworks, including Kali Linux Web application testing tools (Burp Suite, Nikto, Maltego, SQLMap). • Experience in Cyber Security Operations, Digital Forensics, Threat Hunting, and Incident Response. • System administration experience in a Windows and Unix environment.

Benefits

• A comprehensive package designed to support the well-being of employees and their families and promote education. • Our robust benefits package includes health, dental, and vision insurance, generous paid time off, paid parental leave, fertility benefits, pet insurance, tuition assistance, retirement benefits, and more. • Recognition of exceptional performance through annual bonuses, salary growth over time through market increases, and opportunities for merit raises and promotions based on increased scope of responsibility. • A job that matters, a team that cares, and a place to learn, innovate and thrive.