Cybersecurity Engineer - Web Application Firewall

Candidate will develop support tune and deploy security solutions across Visa.

Essential Functions:

• Web Application Security: Engineering deployment and operations of security solutions including Web Application Firewalls as well as integration of those platforms with other solutions as required. 
• Engineers configures deploys and maintains Web Application Firewall solutions 
• Maintains scripts for manipulation of multiple data repositories to support analysts

• Builds alerts/reports to meet the requirements of key stakeholders 
• Contributes to automation for security tools management and workflow integration 
• Collaboration with key stakeholders within Cybersecurity Engineering teams to develop specific use cases to address web and application security requirements
• Creates WAF rules to mitigate threats and implement security best practices 

• Create and enhance SIEM content for Cybersecurity teams including correlations enrichments dashboards reports and alerts that appropriately illustrate and characterize web application attacks and mitigation mechanisms 

Application Security: 

• Knowledge of SSDLC processes procedures and tools
• Knowledge of open source and commercial application security tools and frameworks including but not limited to Kali Web application testing tools 

• Experience in exploiting web apps and web services security vulnerabilities including cross-site scripting cross-site request forgery SQL injection DoS attacks XML/SOAP and API attacks
• Excellent understanding of OWASP Risks Vulnerabilities and Mitigation Mechanisms 
• Strong experience with Web Application Firewall management and rules 
• Excellent understanding of common network and web protocols 

• Excellent understanding of DDoS Bot and ATO techniques and mitigation mechanisms 

Cyber Defense and Incident Response: 

• Solid understanding of events related fields in log records and alerts reported by various data sources such as Windows/Unix systems IDS/IPS AV HIDS/HIPS WAFs firewalls and web proxies 
• Prior experience or support of Security Operations and Incident Response
• Excellent understanding of Cyber Security Operations and Incident Response processes 

Infrastructure management and support: 

• System administration experience with Windows and Unix servers 
• Experience working in a large enterprise environment 
• Experience integrating solutions in a multi-vendor environment 
• Familiarity with Atlassian JIRA 

This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager.

Qualifications :

Basic Qualifications:
2 years of relevant work experience and a Bachelors degree OR 5 years of relevant work experience. Masters graduates must have 2 years of relevant work experience to qualify.

Preferred Qualifications:
3 or more years of work experience with a Bachelors Degree or more than 2 years of work experience with an Advanced Degree (e.g. Masters MBA JD MD)
Experience with one or more: Akamai AWS Cloudfront Cloudflare or other CDN solutions
Experience with one or more of the following: Imperva WAF F5 WAF and CDN Firewall
Experience with API Security solutions such as Imperva API Anywhere Cloudflare API Shield or other similar solutions.
Expertise in one or more of the following: Python Perl shell scripting C Java Java Script
Excellent experience in creating Regular Expressions for security polices and rules
Experience in maintaining and enhancing infrastructure as code with one or more of the following: CloudFormation Terraform Chef Puppet Jenkins CodeDeploy
Experience with using knowledge management and code repositories with Github Gitlab Jira and Confluence
Experience with Lambda API Gateway
Experience with API Security solutions such as Imperva API Anywhere Cloudflare API
Shield or other similar solutions.

Additional Information :

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race color religion sex national origin sexual orientation gender identity disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Remote Work :

No

Employment Type :

Full-time