Cyber Security

Job Description

Job Description and Responsibilities

• Candidate will develop, support, tune and deploy Web Application Firewall security solutions across Visa. Primary day-today job duties involve
• Web Application Security: Engineering, deployment, and operations of Web Application Firewall security solutions and integration of those platforms with other security solutions as required.
• Performing hands-on Web Application Firewall deployment, configuration, policy fine-tuning and maintenance
• This is a hands-on technical job.
• Looking for an experienced candidate with extensive experience with Akamai, Cloudflare and/or Imperva Web Application Firewall policy fine-tuning and administration.

Responsibilities Web Application Security:

• Engineers, configures, deploys, and maintains Web Application Firewall solutions
• Develops advanced alerts/reports to meet the requirements of key stakeholders
• Develops automation for security tools management and workflow integration
• Collaborates with key stakeholders within Information Security and Engineering teams to develop specific use cases to address specific business needs
• Creates WAF rules/signatures to mitigate threats and implements best practices
• Creation and implementation of custom alerting dashboards in SIEM for investigations
• Works extensively with different stakeholders across Visa for tuning WAF policies or creating custom signatures
• Aids in gathering metrics for measuring Performance and Risk
• Provides ongoing support to existing monitoring capabilities and data collection systems.
• Provides development support for the expansion and implementation of new systems.

Qualifications Over 6 years of experience in Cybersecurity engineering with experience that includes configuring and managing Web Application Firewalls. Web Application Firewall/Security Experience:

• Experience with Akamai, Cloudflare and/or Imperva is a must
• Expert Python Scripting, Perl, Shell scripting. Development experience in C++, Java, Java Script.
• Excellent experience with Regular Expressions
• Solid understanding of web applications, web servers, application firewalls, frameworks and protocols with respect to web application development, deployment, and operation
• Extensive knowledge of Imperva, Akamai and/or Cloudflare Web Application Firewall configuration and management
• Extensive knowledge of web technologies and concepts
• Strong understanding of TCP/IP, web protocols and networking concepts
• Expertise in one or more areas such as operating systems, web services, programming languages, network devices, application vulnerabilities and attack vectors
• Experience in reviewing and analyzing log files and data correlation
• Excellent Logical and Practical understanding of SSDLC
• Experience with managing Web/Application Servers
• Scripting/programming using Python
• Excellent understanding of PKI Technology
• Excellent knowledge of open source and commercial application security tools and frameworks, including but not limited to Kali Web application testing tools
• Experience in exploiting web apps and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks.
• Excellent understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms
• Experience with Web Application Firewall management and rules
• Well versed in system exploits (e.g. Buffer Overflows, PTH attacks, windows authentication framework etc.)
• Excellent understanding of DDoS techniques and mitigation mechanisms

Cyber Defense and Incident Response:

• Solid understanding of Incident Response Process
• Prior experience in Security Operations and Incident Response
• Excellent understanding of Cyber Security Operations, Incident Response processes

Educational, Certifications and Other:

• Excellent communication skills
• Excellent team player
• CISSP, SANS GPEN, GXPN, SANS GIAC AWS Security
• OSCP (Offensive Security Certified Professional) is a Plus
• Bachelor s degree in engineering, computer science, information security, or information systems

,

Keyskills :
web application testingweb application firewallweb application developmentenvironmental impact assessmentuse casesopen sourceweb serversweb servicesmusic making