Security Engineer (WAF)

BridgeView


Job Reference: 9971

BridgeView is currently seeking a Security Engineer for one of our clients. If you love building and supporting technology solutions that make businesses successful, then read on for more details.

TITLE: Security Engineer 
LOCATION: Denver, CO – Hybrid (onsite 1 day every 2 weeks)
COMPENSATION: $70/hr
BENEFITS & PERKS: Medical, Dental & Vision insurance; 4% match on 401K, Life & LTD Insurance, and Employee Perks (more detail below) 

OVERVIEW 
The Security Engineer works as part of the Cybersecurity team to manage and secure web-based applications hosted on-premises and in the Cloud. In this role, the Web Applications Engineer is responsible for designing secure WAF, Bot Mitigation, and DDoS Mitigation configurations that defend against threats and vulnerabilities without impeding the business. The engineer executes controls adhering to policies, monitors against the threat landscape, and recommends changes where necessary. Working as part of a team, the engineer shares information, tests the effectiveness of controls, and collaborates to counter threats and vulnerabilities. The engineer understands the applications in use, where weaknesses may exist, and how web security controls can help thwart vulnerabilities in dynamic and legacy applications. The engineer will work closely in tandem with other security and development teams to promote a Secure Software Development Life Cycle (SSDLC) in conjunction with industry best practices.

HOW YOU WILL MAKE AN IMPACT 

  • Act as a subject matter expert for Web Application Firewall (WAF), Bot Mitigation (BotM), and DDoS Mitigation platforms.
  • Oversee web application security functions, developing and driving programmatic efforts to address external, internal, and emerging application security risks throughout the organization.
  • Design, build, configure, deploy, and support Web Application Firewall (WAF) and Bot Mitigation (BotM) platforms and policies.
  • Configure, deploy, and maintain WAF/BotM solutions on-prem and in the cloud.
  • Configure new sites and applications for WAF/BotM protection, and analyze traffic to remove false positives.
  • Engineer, configure, deploy, and maintain WAF/BotM solutions on premise and in the cloud (GCP, Azure, etc.).
  • Work closely with the engineering/architecture teams to evaluate the security readiness of new and existing applications introduced into the environment.
  • Design, test and deploy solutions and settings with rules designed to protect against vulnerabilities and threats targeting web-based and mobile applications.
  • Engineer, implement, and monitor security measures for the protection of computer systems, networks, and information.
  • Oversee compliance hardening governance on cloud and application landscape. Conduct hardening checks of device configurations to determine version compliance and identify and mitigate weaknesses.
  • Review reports from vulnerability and penetration tests, and results from tabletop exercises, to identify exposure and improve application security posture in tandem with application security engineers.
  • Create WAF/BotM rules/signatures to mitigate threats and implement best practices.
  • Liaise with cybersecurity, threat intelligence, information technology, software development, and third-party development team members.
  • Monitor system activities and fine-tune system parameters and configuration to optimize performance and ensure the security of systems.
  • Openly support the organization, management, and executive leadership team, even during times of adversity.
  • Perform root cause analysis on cyber incidents and issues, and determine the proper course of action.
  • Research and recommend changes to procedures and systems to enhance application and data security.
  • Conduct security assessments of application, network, and computing architecture before systems are placed in production.
  • Design, develop, and deliver application security strategy throughout the CI/CD lifecycle.
  • Enable security best practices and security software integration into application developers' SDLC processes.
  • Work closely in tandem with other security and development teams to promote a Secure Software Development Life Cycle (SSDLC) in conjunction with industry best practices.
  • Work with the system/application teams to ensure that application security risks are effectively identified with security testing functions (SAST, DAST, IAST, pen test) and appropriately addressed while maintaining a balance between security & usability.
  • Document and maintain policies and standard operating procedures aligning with strong security practices, standards, application, and host integrity, and OWASP best practices.
  • Implement tools to assess and enforce application security policies and guidelines.
  • Work with security team members to enforce thorough application inventory and management standards, as well as audit compliance for applications and services under corporate policies.
  • Coordinate delivery of secure coding awareness training to software developers.
  • Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts.
  • Communicate technical application security control concepts to team members, including developers, architects, and managers.
  • Be professionally accountable for remaining educated on the threat landscape and mitigation techniques.
  • Be an application security evangelist who can translate security concepts into language that is meaningful to varying audiences, including business and technical leaders.
EXPERIENCE REQUIRED  
  • Bachelor’s degree required in either: Business, Finance, Computer Science, Engineering, IT, or similar field.
  • Bachelor’s degree or equivalent years (4+) as a WAF/BotM Security Engineer
  • 3+ years of experience in enterprise security or application security.
  • 3+ years of experience deploying, configuring, managing a Web Application Firewall (WAF) platform.
  • 3+ years of experience deploying, configuring, managing a Bot Mitigation (BotM) platform.
  • 2+ years of experience deploying, configuring, managing a DDoS Mitigation platform.
  • 2+ years of experience working in a cloud-native environment such as Azure, AWS, GCP.
  • Hold an active cybersecurity certification, such as a CSSLP, CISSP, CISA, CCP, GCSA, MCP, MCSE, SANS, or Microsoft AZ (highly desired, or equivalent experience is acceptable).
  • Relevant industry certifications such as SANS, CISSP, CCNA, etc. desired.
  • Experience with the airline industry a plus.
  • Familiarity with tools such as Akamai, Radware, F5, or PerimeterX is preferred.
  • Experience installing, configuring, and supporting Web Application Firewalls (WAFs) in a complex enterprise environment.
  • Experience with Web Application Firewall (WAF) configuration, policy, and management of related tools.
  • Experience with Bot Mitigation (BotM) configuration, policy, and management of related tools.
  • Experience with DDoS Mitigation deployments (IPSec/GRE tunnels), configuration, policy, and management of related tools.
  • Proficiency with applications, databases, web services, authentication, and middleware servers.
  • Knowledge of mobile application and device security (iOS, Android, Mobile SDKs).
  • Experience with security concepts and tooling such as: SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), IAST (Interactive Application Security Testing), Web Application Penetration Testing, and Open-Source Analysis.
  • Understanding of OWASP Top Ten, threats and vulnerabilities, and tactics used to compromise applications.
  • Experience with secure CI/CD pipeline design and architecture, automation, and secure code gating.
  • Experience securing cloud IaaS and PaaS environments (Azure, AWS, Google Cloud).
  • Ideally familiar with one or more regulatory requirements and laws such as the Sarbanes-Oxley Act (SOX), HIPAA, GDPR, California Consumer Privacy Act (CCPA), and Gramm-Leach-Bliley Act (GLBA). Additionally, experience in one or more of the following: ISO 17799, ITIL, Cybersecurity Maturity Model Certification, and NIST Cybersecurity Framework.
  • Aptitude with one or more scripting languages (e.g., Python, PowerShell, JavaScript, and Bash).
  • Experience with industry compliance standards and frameworks such as PCI-DSS, HIPAA, NIST, ISO, ITIL, COSO, COBIT, and SOC1/2.
  • Organized with the ability to prioritize and complete tasks within defined service-level agreements (SLAs).
  • Excellent judgment and the ability to make quick decisions when working with complex situations.
  • Working knowledge of network and web-related protocols.
  • Demonstrable awareness of the latest trends relating to network and web security issues, techniques, and protocols.
  • Track record acting with integrity, taking pride in work, seeking to excel, and being curious and flexible.
  • Excellent written and oral communication skills; ability to problem solve with little to no supervision.
  • Excellent troubleshooting skills.
EQUIPMENT OPERATED
  • Web Application Firewall (WAF), Bot Mitigation (BotM), DDoS Mitigation, and Secure Coding platforms, and CI/CD pipeline platforms (e.g., Azure DevOps).
ABOUT BRIDGEVIEW  
Founded in 2005, BridgeView provides exceptional technology consulting, project augmentation, and placement services that help organizations and technologists achieve their goals. Our ability to evolve with the market and quickly adapt to client environments makes us a unique alternative to the status quo. It’s why we’ve achieved constant growth since the day we opened our doors, attracting well-known companies and expert talent. With a home base in downtown Denver and a team that embodies a work hard, play hard attitude, BridgeView is a personable but professional partner to you. We’ve won awards and we’ve had great success, but nothing is more rewarding than forming genuine connections with business leaders and technologists. 

Apply for the above role or sign up for job alerts at https://www.bridgeviewit.com/job-alerts/. 

BENEFITS 

  • Medical: Provided by Anthem BCBS 
  • Dental: Provided by Guardian PPO 
  • Vision: Provided by VSP/Guardian PPO 
  • 401K with 4% match that is 100% vested from start  
  • Voluntary Benefits: Accident Insurance, Accidental Death & Dismemberment (AD&D), Short-Term Disability, Life Insurance, Critical Illness 
  • Employee Perks, Personal Discounts: Full access to the Calm app, great discounts through thousands of vendors (Home Depot, AT&T, Target, etc.) 

Michelle.Kirkpatrick
