Senior Security Engineer - Web Application & Network Protection

Dale Workforce Solutions

Columbus, OH

JOB DETAILS
SKILLS
(XSS) Cross Site Scripting, Application Programming Interface (API), Applications Security, Authentication, Automation, Cloud Computing, Cryptography, DNS (Domain Name System), Denial of Service (DoS), F5 Network Software, Firewalls, Geolocation, Git, Hunting, Identify Issues, Incident Response, Injections, Internet Application, Internet Security, NAT (Network Address Translation), Network Security, On Call, Onboarding, Production Support, Python Programming/Scripting Language, REST (Representational State Transfer), Remote Access, Reporting Dashboards, Root Cause Analysis, SQL (Structured Query Language), SSL-TLS (Secure Socket Layer - Transport Layer Security), Security Analysis, Security Architecture, Security Attacks, Software Administration, Traffic Shaping, VPN (Virtual Private Network)
LOCATION
Columbus, OH
POSTED
4 days ago

Position Summary:

We are seeking a Senior Cybersecurity Engineer to lead the design, implementation, and support of enterprise web application and network security solutions. This role will be responsible for securing internet-facing applications through F5 Distributed Cloud WAF, API security, bot protection, and network security technologies including Palo Alto firewalls and secure remote access solutions.

The ideal candidate possesses a blend of application security, network security, and cloud security experience and is passionate about protecting critical enterprise services.


Responsibilities:

Web Application Security

  • Administer and support F5 Distributed Cloud (XC) WAF platform.
  • Deploy and maintain WAF policies, signatures, and security controls.
  • Configure:
    • API Protection
    • Bot Defense
    • DDoS Mitigation
    • Geolocation Policies
    • Rate Limiting
    • CAPTCHA Challenges
  • Investigate and tune false positives.
  • Perform application onboarding into WAF services.
  • Conduct WAF policy reviews and optimization.
  • Support incident response involving web application attacks.

Application Security

  • Understand and mitigate:
    • OWASP Top 10
    • Authentication attacks
    • API abuse
    • Credential stuffing
    • Session hijacking
    • Cross-Site Scripting (XSS)
    • SQL Injection
    • SSRF
    • CSRF
  • Review application architectures and recommend security improvements.
  • Partner with development teams during application onboarding and troubleshooting.

Network Security

  • Administer and support:
    • Palo Alto Networks NGFW
    • Prisma Access
    • Site-to-site VPNs
    • SSL decryption
    • NAT and security policies
    • Network segmentation
    • DNS and routing troubleshooting
  • Support production incidents and participate in on-call rotation.

Cloud & Automation

  • Develop automation using:
    • Python
    • REST APIs
    • Terraform
    • Git
  • Build dashboards and reporting around security posture.
  • Automate repetitive operational tasks.

Security Operations

Participate in:

  • Incident response
  • Threat hunting
  • Security assessments
  • Vulnerability remediation
  • Root cause analysis
  • Architecture reviews

About the Company

D

Dale Workforce Solutions