Senior Information Security Engineer

• Lead or participate in computer security incident response activities for moderately complex events
• Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
• Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
• Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
• Review and correlate security logs
• Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security
• Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
• Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals

• 4+ years of Information Security Engineering experience
• 2+ years of in-depth knowledge and troubleshooting of HTTP based Web Applications
• 2+ years knowledge and understanding of implementing WAF signatures or virtual patches
• 2+ years of hands-on experience with Web Application Firewall technologies (Akamai cloud based WAF, Imperva on prem WAF, F5 on prem WAF)
• 2+ years of intermediate to advanced level experience with scripting/automation using tools such as: Bash, Ansible, Playbook/Role Development, PowerShell, Python, etc.
• 2+ years advanced understanding of Network concepts like DNS, Firewall and Load Balancing
• 1+ years of proven experience with change and incident management practices in medium to large enterprise environments
• 1+ years of Agile Scrum or Kanban methodologies
• 1+ years of basic understanding of TLS, Certificates, and MTLS

• Strong verbal, written, and interpersonal communication skills
• Knowledge and understanding of application firewalls
• Knowledge and understanding of data security: firewalls and perimeter security
• Knowledge and understanding of network or network security
• Knowledge and understanding of network security and network protocols
• Knowledge and understanding of network security architectures and standards development
• Knowledge and understanding of network security firewall hardware, software, and configurations
• Knowledge and understanding of network security including firewalls and IDS
• Knowledge and understanding of web application: firewall concepts or security certifications
• Information Security Frameworks and standards (FFIEC, NIST, ISO) experience

Hybrid work schedule