Cybersecurity Engineer - Web Application Firewall
Position Summary: The web application firewall analyst provides advanced, hands-on representation of the cybersecurity defense team. Candidates for this technical role must possess a solid understanding of information security and should have held positions in cybersecurity and systems administration. The role also requires an understanding of business and governance processes. Web application firewall (WAF) analyst analysts accept primary responsibility for the overall management lifecycle of the program.
Web application firewall analysts should understand that legacy and present-day systems and applications may have weaknesses that can be exploited by external threat actors and potentially lead to a breach. The position must collaborate with others on the team for remediation and additional validation, as well as contribute to other collaborative approaches driven by the security team strategy.
Web application firewall analysts oversee the strategic initiatives for short- as well as long-term plans to identify and reduce the attack surface across applications and systems. Use of automated tools to identify, assess and report is expected, with emphasis placed on effective communication to constituents relying on applications and systems that support their business.
Essential Duties & Responsibilities
Create, deploy, maintain and troubleshoot Web Application Firewalls (WAF) policies for new and existing web applications.
Review vulnerabilities that impact web applications and develop WAF "Virtual Patching" solutions.
Monitor and analyze activity logs to detect malicious internet traffic and indicators of compromise as well as to reduce false positive blocks.
Review WAF usage and define means to improve and mature protection policies.
Understand web applications at a sufficient level to work with developers to implement protective controls that may need to be customized for specific applications.
Interpret web protocol information to determine source, intent, and risk of threat agents.
Provide preventative maintenance, troubleshooting and quickly resolve problems to ensure infrastructure and application stability.
Participate in technical design activities to ensure a sound design and any infrastructure impact is understood.
Create and maintain technical documentation regarding the WAF including network diagrams, policies and operational procedures for managing the infrastructure.
Work closely with Development, QA, DevOPS, Operations, InfoSec, and design engineers to ensure security requirements are met and web-applications are adequately protected from cyber-attacks.
Review vulnerability and application scan output and assess where WAF configuration can be used to mitigate attacks.
Awareness of mainstream operating systems and a wide range of security technologies including network firewall, IPS, and web proxy.
Work as a team to consistently learn and share advanced skills and foster team excellence.
Support internal and external auditors in their duties that focus on compliance and risk reduction.
Collaborate with security groups such as red teams, threat intelligence and risk management to form a holistic team dedicated to thwarting attackers and reducing attack surface.
Periodically attend and participate in change management policy discussions and meetings.
Define key performance indicators (KPIs) and metrics across business units to illustrate effectiveness with WAF controls.
Understand breach and attack simulation solutions for known vulnerabilities and work with the team to validate controls effectiveness.
Liaise with the security engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities.
Perform other duties as assigned.
Experience & Education
Understanding of Windows and *nix operating systems, endpoint applications, networking protocols and devices.
Preferably some experience with implementing security solutions across Amazon Web Services (AWS), Microsoft Azure or Google Cloud Platform (GCP).
Ability to obtain and maintain technical team and business support to influence a collaborative effort to reduce attack surface.
Knowledge of one or more compliance standards, including Payment Card Industry (PCI), Health Information Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), National Institute of Standards (NIST) or International Standards Organization (ISO).
Capable of scripting in Python, Bash, Perl or PowerShell.
Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle.
Bachelor’s degree in Information Security, Information Systems, Computer Science, or equivalent work experience.
At least 3-5+ years’ experience in managing and deploying web application firewalls, application security, or information security administration.
Proficient with cloud WAF solutions such as F5, Imperva, AWS, etc.
Preferably, one or more of the following certifications: CSSLP, CASE, GWEB, CISSP or CRISC.
Experience with infrastructure-as-code (IAC) tools like Terraform, Ansible, Cloud Formation, etc. is preferred
Skills & Abilities Required
Strong interpersonal skills.
Quality written, oral, and presentation skills to communicate business risk and remediation requirements from assessments.
Analytical and problem-solving mindset with an attention to detail.
Ability to function with supervision from other analysts.
Commitment to operational excellence and continuous process improvement.
Willingness to expand security knowledge, skills, and abilities to achieve department initiatives.
Self-starter requiring minimal supervision.
Highly organized and efficient.
Demonstrated strategic and tactical thinking, along with decision-making skills and business acumen.
Information Security Web Application Firewall Analyst should have a working knowledge of:
Web Application Firewalls
TLS and certificate management
On-call network troubleshooting
Threat management and response
Role and attribute-based access controls
(RBAC and ABAC)
Foundational routing, switching, segmentation
Virtual Private Networks (VPN)
Security Information and Event Monitoring Tools (SIEM)
To perform the job successfully, an individual should demonstrate the following competencies:
Problem Solving - Identifies and resolves problems in a timely manner; Gathers and analyzes information skillfully; Develops alternative solutions.
Technical Skills - Pursues training and development opportunities; Strives to continuously build knowledge and skills; Shares expertise with others.
Quality Management - Looks for ways to improve and promote quality; Demonstrates accuracy and thoroughness.
Organizational Support - Follows policies and procedures; Completes administrative tasks correctly and on time; Supports organization's goals and values; Benefits organization through outside activities; Supports affirmative action and respects diversity.
Quality - Demonstrates accuracy and thoroughness; Looks for ways to improve and promote quality; Applies feedback to improve performance; Monitors own work to ensure quality.
Adaptability - Changes the approach or method to best fit the situation.
The work environment characteristics described here maybe encountered while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Moderate noise (i.e., business office with computers, phone, and printers, light traffic).
Ability to work in a confined area.
Ability to sit at a computer terminal for an extended period. Occasional stooping or kneeling may be necessary.
While performing the duties of this job, the employee is regularly required to stand, sit, talk, hear and use hands and fingers to operate a computer keyboard and telephone.
Specific vision abilities are required by this job due to computer work.
Light to moderate lifting is required.
Occasional travel is required.
Triumph Bancorp, Inc. and its subsidiaries reserve the right to modify this job description at any time, with or without notice. This job description in no way implies that these are the only duties, to be performed by the employee occupying this position. This job description is not an employment contract, implied or otherwise.
Equal Employment Opportunity Statement: Triumph Bancorp, Inc., and its subsidiaries, provide equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, genetic information, marital status, or status as a covered veteran in accordance with applicable federal, state, and local laws.
Pay: $104,785 to $162,417/year
$104,785.00 - $162,417.00
Job Reference #: REQ-3353