Information Security Engineer

Job Description

Information Security EngineerLocation: Bangalore / Chennai / Hyderabad / RemoteThe WAF & DDoS Analyst will be responsible for managing and protecting systems, networks, application, and data assets of our site & Corp infrastructure. We are looking for an individual contributor to complement our existing WAF & DDoS team. This will require a strong commitment to getting the job done and an unwavering passion for working on the front-lines of the security field.This is a hands-on technical job. Looking for an experienced candidate with extensive experience with Web Application Firewall policy fine-tuning and administration.QualificationsOver 6 years of experience in Cybersecurity engineering with experience that includes configuring and managing Web Application Firewalls.Web Application Firewall/Security Experience:
• Excellent understanding of DDoS techniques and mitigation mechanisms
• Solid understanding of web applications, web servers, application firewalls, frameworks and protocols with respect to web application development, deployment, and operation
• Extensive knowledge of web technologies and concepts
• Strong understanding of TCP/IP, web protocols and networking concepts
• Expertise in one or more areas such as operating systems, web services, programming languages, network devices, application vulnerabilities and attack vectors
• Experience in reviewing and analyzing log files and data correlation
• Experience with managing Web/Application Servers
• Scripting/programming using Python
• Excellent understanding of PKI Technology
• Excellent knowledge of open source and commercial application security tools and frameworks, including but not limited to Kali Web application testing tools
• Experience in exploiting web apps and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks.
• Excellent understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms
• Experience with Web Application Firewall management and rules
• Well versed in system exploits (e.g. Buffer Overflows, PTH attacks, windows authentication framework etc.)
• Cyber Defense and Incident Response:
• Solid understanding of Incident Response Process
• Prior experience in Security Operations and Incident Response
• Excellent understanding of Cyber Security Operations, Incident Response processes
Educational, Certifications and Other:Excellent communication skillsExcellent team playerCISSP, SANS GPEN, GXPN, SANS GIAC AWS SecurityOSCP (Offensive SecurityCertifiedProfessional) is a PlusBachelors degree in engineering, computer science, information security, or information systemsResponsibilitiesWeb Application Security:
• Engineers, configures, deploys, and maintains Web Application Firewall solutions
• Develops advanced alerts/reports to meet the requirements of key stakeholders
• Develops automation for security tools management and workflow integration
• Collaborates with key stakeholders within Information Security and Engineering teams to develop specific use cases to address specific business needs
• Creates WAF rules/signatures to mitigate threats and implements best practices
• Creation and implementation of custom alerting dashboards in SIEM for investigations - SPLUNK
• Works extensively with different stakeholders across PayPal for tuning WAF policies or creating custom signatures
• Aids in gathering metrics for measuring Performance and Risk
• Provides ongoing support to existing monitoring capabilities and data collection systems.
• Provides development support for the expansion and implementation of new systems.
• Analyze network traffic and various log data to determine the threat against the target infrastructure, recommend appropriate countermeasures, and assess damage
• Be the single point of contact and the focal point for accepting, collecting, sorting, ordering, and passing on incoming information for the reported security incident events
• Basic understanding of tools and processes used in security incident detection and handling
• Experience with troubleshooting and configuring networking devices, application platforms, and database, Windows and UNIX system administration
• Must have solid understanding of TCP/IP networking, web infrastructure applications, and scripting (Perl, Python, etc.)
• Recommend configuration changes to improve the performance, usability, and value of threat analysis tools
• Must be able to multi-task, work in a fast-paced environment and participate in incident remediation as needed
• Responsible for personal development through enhancement of technical skills and active participation in the team function performance process
• Continue to grow a personal support network by developing and building relationships throughout internal organizations
• Develop effective leadership and teamwork skills

Keyskills :
security engineeringddosinformation securityddos mitigation