Description:
The Application Security Engineer candidate will have a strong background in cybersecurity and understanding of web application and zero trust proxy security practices. The primary responsibility of the Engineer will be to ensure the effective deployment, configuration, and maintenance of our systems for Global customers. This role requires expertise in Web Application Firewalls, Zero Trust Proxy, Cloud security as well as experience with alerts and detections and data log analysis. This role will be part of the Application Edge Protection Service within the CyberSecurity pillar.
Role Specific Responsibilities:
- Web Application Firewall Management: Deploy, configure, and maintain web application firewall systems to protect our web applications against potential threats and vulnerabilities.
- Zero Trust Proxy: Deploy, configure, and Zero Trust Proxy systems to support identity gates to include defining and maintaining policies and connectors.
- Security Incident Response: Monitor and analyze security events, alerts, and logs generated by the web application firewall systems. Investigate and respond to potential security incidents, working closely with the Security Operations Center (SOC) and other Cybersecurity teams.
- Detection and Analysis: Develop and maintain detection rules, alerts, and reports to proactively identify and mitigate risks utilizing logs. Provides investigation findings to relevant business units to help improve information security posture.
- CDN Integration: Collaborate with the infrastructure and application teams to integrate the web application firewall with CDNs such Akamai and Radware, ensuring seamless traffic management and content delivery.
- Vulnerability Assessment: Utilize WAF data to identify potential vulnerabilities and recommend appropriate remediation measures to customers.
- Documentation and Reporting: Maintain accurate documentation of WAF configurations, policies, and procedures. Prepare reports and metrics related to web application security, including trends, incident summaries, and mitigation strategies, as needed.
- Collaboration: This role requires ability to explain security details to non- security teams such as application and engineering teams. Must be able to collaborate with cross-functional teams to ensure effective communication, knowledge sharing, and alignment of security objectives. Provide guidance to application teams on application security best practices and security awareness, as needed.