Job Description

Technical:
Perimeter and cloud security Expert with an outstanding understanding of the latest practices and trends in edge security.
Strong experience in Web application firewall and API Security. Good exposure to how to proactively combat OWASP top 10, Account take over , API and other bot external attacks .
Evaluate, deploying and managing Akamai / AWS / Azure Web Application Firewall security configuration.
Good knowledge of Email Security (EOP), Email Security Network IDS/IPS, WAF, DDoS Control and Cloud Security.
Advance experience on Splunk or other SIEM (Security information and event management) Monitoring. Log Analysis Expertise - Web logs, NetFlow and Packet Analysis
Analyzing web traffic patterns to improve protections.
Reviewing policy enforcement change requests; interviewing submitters who have requested security configuration changes and require additional requirements gathering.
Knowledge of Agile, DevSecOps, Open Source and a programming language is of substantial advantage
Manage Cyber Incidents and other service incidents for WAF and other security technologies
Behavioral
Positive personality and can-do attitude; you also have good communication skills with an excellent command of the English language.
Open-minded, empathic and a team-mate with a partnering approach and an enthusiastic and motivated personality, with demonstrated experience in solving complex challenges
Intellectually curious and therefore remain abreast of new technologies and developments relating to technical products that might be used enterprise wide and software delivery methodologies
Proficient in balancing business partner views and interests
Team player with excellent interpersonal & communication skills (written and verbal)
Senior technical and non-technical Stake holder management skills
The Skills You Bring
7 to 9 years of security experience desired, preferably in a matrix-driven corporate environment.
Mandatory is WAF Operations and E Mail Security is Secondary.
Security experience with any WAF provider, API definitions, custom rules, writing bot management rules and analyzing traffic logs.
Proven experience troubleshooting and simulating HTTP client requests (e.g., curl, postman, HAR file analysis).
Strong understanding of core networking concepts (e.g. TCP/IP, DNS, HTTP, proxy, load-balancing, etc.).
Functional experience with Splunk, SIEM, or other log aggregation & analysis technologies.
Experience with cloud solutions such as AWS or other IaaS/PaaS/SaaS environments.
Ability to interact with both technical and non-technical staff, including management and executives, with experience articulating technical material in business terms.
Functional understanding of network controls and policies to stop cyber threats.
Familiarity with external facing security controls that can stop external attacks that may occur: such as WAF tuning, Bot management, API protection, network policy governance, troubleshooting, and incident response.
Familiarity with criminal activities and the attacks that may occur in each layer of the OSI model.
Ability to make information security risk determinations based on intelligence analysis.
Understanding cyber threats, malicious cyber threat actor motivations, and capabilities relevant to regions of interest.