VISA (SG) - Sr. Cybersecurity Engineer, WAF

Happyer (Hong Kong, Hong Kong) 19 days ago
Who we're looking for

You're an Individual. We're the team for you. Together , let's transform the way the world pays. This is a hands-on technical job. Looking for an experienced candidate with extensive experience with Akamai, Cloudflare and/or Imperva Web Application Firewall policy fine-tuning and administration.

What you will be doing in this role
  • Candidate will develop, support, tune and deploy Web Application Firewall security solutions across Visa
  • Web Application Security: Engineering, deployment, and operations of Web Application Firewall security solutions and integration of those platforms with other security solutions as required
  • Performing hands-on Web Application Firewall deployment, configuration, policy fine-tuning and maintenance
  • Engineers, configures, deploys, and maintains Web Application Firewall solutions
  • Develops advanced alerts/reports to meet the requirements of key stakeholders
  • Develops automation for security tools management and workflow integration
  • Collaborates with key stakeholders within Information Security and Engineering teams to develop specific use cases to address specific business needs
  • Creates WAF rules/signatures to mitigate threats and implements best practices
  • Creation and implementation of custom alerting dashboards in SIEM for investigations
  • Works extensively with different stakeholders across Visa for tuning WAF policies or creating custom signatures
  • Aids in gathering metrics for measuring Performance and Risk
  • Provides ongoing support to existing monitoring capabilities and data collection systems
  • Provides development support for the expansion and implementation of new systems
Who you are
  • Over 6 years of experience in Cybersecurity engineering with experience that includes configuring and managing Web Application Firewalls
  • Experience with Akamai, Cloudflare and/or Imperva is a must
  • Expert Python Scripting, Perl, Shell scripting. Development experience in C++, Java, Java Script
  • Excellent experience with Regular Expressions
  • Solid understanding of web applications, web servers, application firewalls, frameworks and protocols with respect to web application development, deployment, and operation
  • Extensive knowledge of Imperva, Akamai and/or Cloudflare Web Application Firewall configuration and management
  • Extensive knowledge of web technologies and concepts
  • Strong understanding of TCP/IP, web protocols and networking concepts
  • Expertise in one or more areas such as operating systems, web services, programming languages, network devices, application vulnerabilities and attack vectors
  • Experience in reviewing and analyzing log files and data correlation
  • Excellent Logical and Practical understanding of SSDLC
  • Experience with managing Web/Application Servers  
  • Scripting/programming using Python
  • Excellent understanding of PKI Technology
  • Excellent knowledge of open source and commercial application security tools and frameworks, including but not limited to Kali Web application testing tools
  • Experience in exploiting web apps and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks
  • Excellent understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms
  • Experience with Web Application Firewall management and rules
  • Well versed in system exploits (e.g. Buffer Overflows, PTH attacks, windows authentication framework etc.)
  • Excellent understanding of DDoS techniques and mitigation mechanisms
  • Solid understanding of Incident Response Process
  • Prior experience in Security Operations and Incident Response
  • Excellent understanding of Cyber Security Operations, Incident Response processes
  • Excellent communication skills
  • Excellent team player
  • CISSP, SANS GPEN, GXPN, SANS GIAC AWS Security
  • OSCP (Offensive Security Certified Professional) is a Plus
  • Bachelor’s degree in engineering, computer science, information security, or information systems

VISA (SG) - Sr. Cybersecurity Engineer, WAF

Apply On Company Site
Back to search page
;