VISA (SG) - Sr. Cybersecurity Engineer, WAF

You're an Individual. We're the team for you. Together , let's transform the way the world pays. This is a hands-on technical job. Looking for an experienced candidate with extensive experience with Akamai, Cloudflare and/or Imperva Web Application Firewall policy fine-tuning and administration.

• Candidate will develop, support, tune and deploy Web Application Firewall security solutions across Visa
• Web Application Security: Engineering, deployment, and operations of Web Application Firewall security solutions and integration of those platforms with other security solutions as required
• Performing hands-on Web Application Firewall deployment, configuration, policy fine-tuning and maintenance
• Engineers, configures, deploys, and maintains Web Application Firewall solutions
• Develops advanced alerts/reports to meet the requirements of key stakeholders
• Develops automation for security tools management and workflow integration
• Collaborates with key stakeholders within Information Security and Engineering teams to develop specific use cases to address specific business needs
• Creates WAF rules/signatures to mitigate threats and implements best practices
• Creation and implementation of custom alerting dashboards in SIEM for investigations
• Works extensively with different stakeholders across Visa for tuning WAF policies or creating custom signatures
• Aids in gathering metrics for measuring Performance and Risk
• Provides ongoing support to existing monitoring capabilities and data collection systems
• Provides development support for the expansion and implementation of new systems

• Over 6 years of experience in Cybersecurity engineering with experience that includes configuring and managing Web Application Firewalls
• Experience with Akamai, Cloudflare and/or Imperva is a must
• Expert Python Scripting, Perl, Shell scripting. Development experience in C++, Java, Java Script
• Excellent experience with Regular Expressions
• Solid understanding of web applications, web servers, application firewalls, frameworks and protocols with respect to web application development, deployment, and operation
• Extensive knowledge of Imperva, Akamai and/or Cloudflare Web Application Firewall configuration and management
• Extensive knowledge of web technologies and concepts
• Strong understanding of TCP/IP, web protocols and networking concepts
• Expertise in one or more areas such as operating systems, web services, programming languages, network devices, application vulnerabilities and attack vectors
• Experience in reviewing and analyzing log files and data correlation
• Excellent Logical and Practical understanding of SSDLC
• Experience with managing Web/Application Servers  
• Scripting/programming using Python
• Excellent understanding of PKI Technology
• Excellent knowledge of open source and commercial application security tools and frameworks, including but not limited to Kali Web application testing tools
• Experience in exploiting web apps and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks
• Excellent understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms
• Experience with Web Application Firewall management and rules
• Well versed in system exploits (e.g. Buffer Overflows, PTH attacks, windows authentication framework etc.)
• Excellent understanding of DDoS techniques and mitigation mechanisms
• Solid understanding of Incident Response Process
• Prior experience in Security Operations and Incident Response
• Excellent understanding of Cyber Security Operations, Incident Response processes
• Excellent communication skills
• Excellent team player
• CISSP, SANS GPEN, GXPN, SANS GIAC AWS Security
• OSCP (Offensive Security Certified Professional) is a Plus
• Bachelor’s degree in engineering, computer science, information security, or information systems