Senior Security Engineer Web Application & Network Protection

Diversified Technology, Inc.

Columbus, OH

JOB DETAILS
SKILLS
(XSS) Cross Site Scripting, Administrative Skills, Analysis Skills, Application Programming Interface (API), Applications Security, Authentication, Automation, CISSP - Certified Information Systems Security Professional, Cloud Computing, Communication Skills, Computer Science, Computer Security, Content Delivery Network (CDN), Continuous Deployment/Delivery, Continuous Integration, Cryptography, Customer Relationship Management (CRM), DNS (Domain Name System), Denial of Service (DoS), ERP (Enterprise Resource Planning), Energy & Utilities, Enterprise Applications, Enterprise Protection, F5 Network Software, Financial Services, Firewalls, GIAC - Global Information Assurance Certification, Geolocation, Git, Hunting, Identify Issues, Incident Response, Information Technology & Information Systems, Information Technology Consulting, Injections, International Information Systems Security Certification Consortium (ISC)2, Internet Application, Internet Security, Metrics, NAT (Network Address Translation), Network Administration/Management, Network Connectivity, Network Routing, Network Security, On Call, Operational Improvement, Operational Strategy, Problem Solving Skills, Production Support, Python Programming/Scripting Language, Quality Assurance, REST (Representational State Transfer), Remote Access, Reporting Dashboards, Root Cause Analysis, SQL (Structured Query Language), SSL-TLS (Secure Socket Layer - Transport Layer Security), Security Analysis, Security Architecture, Security Attacks, Software Administration, Software Design, System Integration (SI), Team Player, Traffic Shaping, VPN (Virtual Private Network)
LOCATION
Columbus, OH
POSTED
4 days ago
WHO WE ARE:
Founded in 2007, DTI (Diversified Technology, Inc.) is a successful African American owned IT Consulting/Staffing firm based in Chicago's Loop.

WHAT WE DO:
We focus on providing delivery, staffing, and supported services such as enterprise integration/implementations including, but not limited to, CRM, EAM, ERP, PMO, and QA. We service clients in SLED (state/local gov't & education), financial services, fortune, public utility, as well as regularly partnering with Big 4 SI partners.

Senior Security Engineer Web Application & Network Protection

Location: Columbus, OH (Onsite/Hybrid as required)
Work Location: 290 W Nationwide Blvd, Columbus, OH 43215-2561, United States
Employment Type: Contract (W2 Only)
Client: Public Utility Client

Important Requirements

  • W2 employment only (No C2C or 1099)
  • U.S. Citizens and Green Card Holders only
  • Experience supporting enterprise cybersecurity environments, preferably within regulated industries such as public utilities, energy, or critical infrastructure.

Position Overview

We are seeking a Senior Security Engineer Web Application & Network Protection to lead the design, implementation, and support of enterprise web application and network security solutions for a large public utility organization.

This role is responsible for securing internet-facing applications using F5 Distributed Cloud (XC) WAF, API security, bot protection, DDoS mitigation, and enterprise network security technologies including Palo Alto Networks firewalls and secure remote access solutions. The ideal candidate combines expertise in web application security, network security, cloud security, and automation to protect critical enterprise services.


Key Responsibilities

Web Application Security

  • Administer and support F5 Distributed Cloud (XC) Web Application Firewall (WAF).
  • Design, deploy, and maintain WAF policies, signatures, and security controls.
  • Configure and manage:
    • API Protection
    • Bot Defense
    • DDoS Mitigation
    • Geolocation Policies
    • Rate Limiting
    • CAPTCHA Challenges
  • Investigate, analyze, and tune WAF false positives.
  • Onboard enterprise applications into WAF services.
  • Perform WAF policy reviews and continuous optimization.
  • Support incident response involving web application attacks.

Application Security

  • Protect enterprise applications against:
    • OWASP Top 10 vulnerabilities
    • SQL Injection
    • Cross-Site Scripting (XSS)
    • Cross-Site Request Forgery (CSRF)
    • Server-Side Request Forgery (SSRF)
    • Authentication attacks
    • API abuse
    • Credential stuffing
    • Session hijacking
  • Review application architectures and recommend security improvements.
  • Partner with development teams during application onboarding and troubleshooting.

Network Security

  • Administer and support:
    • Palo Alto Networks Next-Generation Firewalls (NGFW)
    • Prisma Access
    • Site-to-Site VPNs
    • SSL Decryption
    • NAT
    • Security Policies
    • Network Segmentation
  • Troubleshoot DNS, routing, and enterprise network connectivity issues.
  • Participate in production support and on-call rotations.

Cloud & Security Automation

  • Develop automation using:
    • Python
    • REST APIs
    • Terraform
    • Git
  • Build dashboards and reporting for security posture and operational metrics.
  • Automate repetitive security operations and administrative tasks.

Security Operations

  • Participate in:
    • Incident Response
    • Threat Hunting
    • Security Assessments
    • Vulnerability Management
    • Root Cause Analysis
    • Security Architecture Reviews

Required Qualifications

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience).
  • 6+ years of experience in cybersecurity engineering, web application security, or network security.
  • Hands-on experience administering F5 Distributed Cloud (XC) WAF or enterprise WAF platforms.
  • Strong experience with Palo Alto Networks NGFW and Prisma Access.
  • Experience implementing API Security, Bot Protection, and DDoS mitigation.
  • Strong understanding of OWASP Top 10 and secure application design principles.
  • Experience troubleshooting enterprise networking, VPNs, DNS, NAT, routing, and firewall policies.
  • Experience with Python scripting, REST APIs, Git, and Terraform.
  • Excellent analytical, troubleshooting, and communication skills.

Preferred Qualifications

Experience with:

  • Bot Management
  • API Security
  • DDoS Protection
  • CDN Technologies
  • DevSecOps
  • CI/CD Pipelines
  • Kubernetes
  • Containers
  • Terraform

Preferred Certifications

  • OWASP Foundation Certifications
  • ISC2 CISSP
  • GIAC Certifications
  • F5 Certifications
  • Palo Alto Networks Certifications

What We're Looking For

  • Strong expertise in enterprise web application and network security.
  • Experience securing mission-critical internet-facing applications.
  • Ability to automate security operations and improve operational efficiency.
  • Excellent collaboration skills with infrastructure, development, and security teams.
  • Strong problem-solving abilities and experience working in regulated enterprise environments.
Pay rate:

Please click on the link below for our company benefits
https://docs.google.com/document/d/1q2mHf0U1akaC1ZKC65-VyyG3FrKBGNCahx3WpS2mj7M/edit?usp=sharing

DTI is an Equal Opportunity Employer. We do not discriminate based on race, color, religion, sex, gender identity, sexual orientation, national origin, ancestry, age, disability, marital status, veteran status, or any other protected characteristic under Illinois state or federal law. All qualified applicants are encouraged to apply, and employment decisions are based solely on merit, qualifications, and business needs.

About the Company

D

Diversified Technology, Inc.