Senior Web/Network Security Engineer

Manifest Solutions

Columbus, OH

JOB DETAILS
SKILLS
(XSS) Cross Site Scripting, Application Programming Interface (API), Authentication, Automation, Cloud Computing, Computer Security, Content Delivery Network (CDN), Continuous Deployment/Delivery, Continuous Integration, Cryptography, DNS (Domain Name System), Denial of Service (DoS), F5 Network Software, Firewalls, Geolocation, Git, Hunting, Identify Issues, Incident Response, Injections, Internet Application, Internet Security, NAT (Network Address Translation), Network Administration/Management, Network Routing, Network Security, On Call, Onboarding, Production Support, Python Programming/Scripting Language, REST (Representational State Transfer), Remote Access, Reporting Dashboards, Root Cause Analysis, SQL (Structured Query Language), SSL-TLS (Secure Socket Layer - Transport Layer Security), Security Analysis, Security Architecture, Security Attacks, Software Administration, Traffic Shaping, VPN (Virtual Private Network)
LOCATION
Columbus, OH
POSTED
2 days ago

Manifest Solutions is currently seeking a Senior Web/Network Security Engineer for an onsite position in Columbus, OH.

  • Design, implementation, and support of enterprise web application and network security solutions.
  • Responsible for securing internet-facing applications through F5 Distributed Cloud WAF, API security, bot protection, and network security technologies including Palo Alto firewalls and secure remote access solutions.
  • Administer and support F5 Distributed Cloud (XC) WAF platform.
  • Deploy and maintain WAF policies, signatures, and security controls.
  • Configure: API Protection, Bot Defense, DDoS Mitigation, Geolocation Policies, Rate Limiting, CAPTCHA Challenges
  • Investigate and tune false positives.
  • Perform application onboarding into WAF services.
  • Conduct WAF policy reviews and optimization.
  • Support incident response involving web application attacks.
  • Understand and mitigate: OWASP Top 10, Authentication attacks. API abuse, Credential stuffing, Session hijacking, Cross-Site Scripting (XSS), SQL Injection, SSRF, CSRF.
  • Review application architectures and recommend security improvements.
  • Partner with development teams during application onboarding and troubleshooting.
  • Network Security Administer and support: Palo Alto Networks, NGFW Prisma, Access Site-to-site VPNs, SSL decryption, NAT and security policies, Network segmentation, DNS and routing troubleshooting.
  • Support production incidents and participate in on-call rotation.
  • Develop automation using: Python REST APIs, Terraform, Git.
  • Build dashboards and reporting around security posture.
  • Automate repetitive operational tasks.
  • Participate in: Incident response, Threat hunting, Security assessments, Vulnerability remediation, Root cause analysis, Architecture reviews

Qualifications:

  • Bot Management
  • API Security
  • DDoS Protection
  • CDN technologies
  • DevSecOps
  • CI/CD pipelines
  • Kubernetes
  • Containers
  • Terraform
  • Certifications: OWASP Foundation certifications, ISC2 CISSP, GIAC certifications, F5 certifications, Palo Alto Networks certifications

About the Company

M

Manifest Solutions