Application Security Engineer
Application Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Overview
As someone enthusiastic about securing a wide variety of applications you are looking for an opportunity to learn about Application Security and contribute to an innovative and technologyoriented environment. As an Application Security Engineer at Esri you will work with our team to secure Esris intellectual property networks and sensitive data against a variety of complex threats with support from all levels of leadership. We collaborate closely with the application development DevSecOps and information security departments to design security into our applications up front perform application layer security testing and assist developers with vulnerability remediation. We welcome you to join Esri where you can make a real difference every day!
Responsibilities
- Create deploy maintain and troubleshoot Web Application Firewall (WAF) policies for existing and new web applications
- Monitor and analyze activity logs to detect malicious internet traffic and indicators of compromise as well as to reduce false positive blocks
- Review WAF usage and define means to improve and mature protection policies
- Collaborate closely with application developers to analyze findings and implement required remediations or countermeasures
- Help assess and calculate application risks communicate your findings to stakeholders of varying technical skill levels
- Assist leadership with organization of ongoing work across the team policy and documentation creation and preparation of relevant metrics on findings and remediation activity for leadership
- Interpret web protocol information to determine source intent and risk of threats
- Provide operational support troubleshoot and quickly resolve problems
- Create and maintain technical documentation regarding the WAF including network diagrams policies and operational procedures for managing the infrastructure
Requirements
- 2 years of relevant fulltime experience
- Thorough understanding of HTTP TLS DNS
- Knowledge of common web vulnerabilities including those outlined in the OWASP Top 10 and how to mitigate them
- Familiarity with cloud infrastructure network routing and basic infrastructure components
- Moderate understanding of JavaScript and its role in modern web applications
- Demonstrated ability to independently learn and adapt to new technologies
- Strong organizational skills and a detailoriented approach
- Strong verbal and written communication and collaboration skills
- Bachelors in Computer Science or related STEM field
Recommended Qualifications
- Handson experience using web application firewall solutions such as offerings from Akamai AWS F5 or Fortinet
- Experience using Splunk to analyze logs and detect malicious activity
- Proficiency in scripting languages such as JavaScript Python Bash or PowerShell for automation
- Experience using APIs for automation integration or data analysis
- Familiarity with Git
- Understanding of common encoding and encryption schemes and algorithms
#LITM1
#LIHybrid
Employment Type
Full Time
