Job Title:

Information Security Engineer II

Overview:

1. Overview
We are seeking a skilled and experienced security professional to manage and enhance our web application security infrastructure. The ideal candidate will bring expertise in application and network security, with a strong foundation in managing WAF platforms such as Imperva. This role requires a deep understanding of modern security frameworks, cloud environments, and incident response practices to ensure robust protection across systems.

2. Role
Manage and optimize the Imperva Web Application Firewall (WAF) or similar platforms.

Conduct application security assessments aligned with OWASP Top 10 and other industry standards.

Administer and review AWS IAM policies, roles, and access controls.

Support and maintain firewall infrastructure, with an emphasis on Palo Alto Networks.

Collaborate with IT and security teams to manage secure network architecture including load balancers, routers, and virtualized environments.

Drive incident response efforts, including root cause analysis, documentation, and mitigation strategies.

Participate in infrastructure design reviews to enforce security best practices.

Engage in security governance and compliance activities, contributing to a secure SaaS and cloud-based operational environment.

3. All About You / Experience
Proven experience managing Imperva WAF or similar web security platforms.

In-depth knowledge of OWASP Top 10, NVD databases, and CVSS scoring systems.

Strong background in application security testing and assessments.

Hands-on experience with AWS IAM, including creation of security policies and role-based access control.

Proficiency in core networking protocols and technologies: TCP/IP, HTTP, DNS, SSL/TLS, APIs, HTML, and JavaScript.

Familiarity with firewall systems, especially Palo Alto Networks.

Working knowledge of load balancing, network routing and switching, and virtualization platforms.

Demonstrated experience in security incident response, problem tracking, and reporting.

Understanding of IT infrastructure design with a security-first approach.

Exposure to AWS security controls and SaaS platforms is highly desirable.

Relevant certifications such as CISSP, AWS Security Specialist, or equivalent are preferred.