Senior Network Security Engineer

Heredia
Permanente
Tiempo completo

Hace 1 mes

Job description:About the role:The Web Application Firewall (WAF) Security Engineer is a critical role within our Network Security Team team, focusing on protecting internet-facing applications through the implementation and management of WAF solutions. This role is ideal for individuals with strong WAF experience and a proven track record in security policy development and infrastructure as code (IaC) automation.A day in this role:

Design, implement, and manage WAF security policies, with a primary focus on Cloudflare, to protect internet-facing applications.
Continuously refine and improve WAF rules and policies, standardizing operational practices and creating detailed documentation.
Provide L3 level support for operational issues, troubleshoot and resolve complex problems.
Employ infrastructure-as-code (IaC) tooling, particularly Terraform, to automate the provisioning and management of configurations.
Conduct in-depth analyses of web traffic patterns and security logs to identify and mitigate potential threats.
Collaborate with application teams to ensure WAF policies align with security requirements and best practices.
Stay current with emerging web application threats and adjust WAF policies accordingly.

The expertise requested:

At least 5 years of hands-on experience in Web Application Security, with a significant focus on security policy management.
Extensive experience with Cloudflare WAF, including writing and tuning security policies.
Experience with Custom WAF rules such as Firewall Rules, Rate Limiting, Bot Management, Managed Rules. Deeper understanding of performance considerations for an internet facing site such as latency, caching strategies, HTTP/2, and TLS 1.3.
Strong knowledge of web application security concepts, common vulnerabilities (e.g., OWASP Top 10), and attack vectors (DDoS).
Hands-on experience with infrastructure-as-code, particularly Terraform.
Experience with log / data analysis and SIEM tools (e.g., Splunk).
Proficiency in at least one scripting or programming language (e.g., Python, Bash) for automation tasks.
Experience with public cloud providers (AWS, Azure, or GCP) and their native security services.
Familiarity with CI/CD pipelines and version control systems (e.g., Git).
Understanding of network protocols and web technologies (HTTP/HTTPS, SSL/TLS, DNS).
B.S. in Information Technology, Computer Science, or a similar technical program.
Exceptional communication skills, capable of effectively articulating technical concepts to both technical and non-technical audiences.
Strong analytical and problem-solving skills, with meticulous attention to detail.
Proven ability to self-manage, prioritize tasks, and handle ambiguity and rapid changes in priorities.
Demonstrated experience in managing stakeholder expectations and delivering projects within defined timelines.
A commitment to continuous learning and adaptability to new technologies and changing environments.
Attention to detail: able to thoroughly review configurations and policies, identifying gaps in solution designs prior to implementation.

Our Core values are focus to inclusion and diversity, all qualified applicants will be considered for employment and will go thru a fair recruitment process regardless of their race, religion, gender identity, sexual orientation, national origin or disability status.Your journey with us begin begins here!!About UsWe show commitment to our investors and stand for solid, long-term growth performance. Founded in Germany in 1987 and in American territory since 2008, GFT expanded globally to over 10,000 experts. And to more than 15 markets to ensure proximity to clients. With new opportunities from Asia to Brazil, the international growth story continues. We are committed to grow tech talents worldwide. Because our team’s strong consulting and development skills across legacy and pioneering technologies, like GreenCoding, underpin success. We maintain a family atmosphere in an inclusive work environment.Why Choose GFT?

Competitive Compensation
Benefits package including comprehensive medical, dental, vision and others
Company Culture based on our Core Values
Professional Development Training with Individual Development Plans to map out your career growth
Opportunity to work in a global environment with diverse teams built with colleagues from around the world
Opportunity to work with technology industry leaders in the financial services industry
Opportunity to work for big name clients in capital markets, banking and other industries

Not Ready To Apply?Stay connected! Enter your e-mail and we will keep you informed about upcoming events and opportunities that match your interests.

GFT Technologies

Postularse