Senior Security Engineer (Web App)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Senior Security Engineer (Web App): Designing, implementing, and providing operational support for an enterprise web application and network security perimeter with an accent on WAF management, API security, bot mitigation, and advanced network firewalling. Focus on securing internet-facing ecosystems, tuning detection logic to reduce false positives, and scaling security posture through DevSecOps automation and Security as Code.
Company
provides staffing and employment services.
What you will do
- Administer and tune enterprise WAF and CDN platforms to defend against OWASP Top 10, API abuse, credential stuffing, and advanced bot threats.
- Architect and manage API security controls including rate limiting, schema validation, and traffic anomaly detection.
- Support incident response for web application security incidents and tune detection logic to minimize disruption to production traffic.
- Administer NGFW environments, secure remote access/ZTNA, and implement network segmentation and SSL decryption strategies.
- Develop security automation using Python and REST APIs; manage security infrastructure with Terraform and integrate security checks into CI/CD pipelines.
- Build real-time dashboards for security posture, threat trends, and remediation metrics; participate in on-call rotation.
Requirements
- Location: Must be based in Columbus, 43215
- 5+ years of combined experience in web application and network security.
- Hands-on experience with enterprise WAF/DDoS mitigation platforms and Next-Generation Firewalls (NGFW).
- Ability to build security automation with Terraform, Python, and Git.
- Strong AppSec knowledge of authentication attacks, SQLi, XSS, and API-specific vulnerabilities.
Culture & Benefits
- On-call rotation for production-critical network/application security incidents.
- For temporary assignments lasting 13 weeks or longer: major medical, dental, vision, and 401k, plus statutory sick pay where required.
- Reasonable accommodations available for individuals with disabilities during the employment process.
- E-Verify participation in certain locations as required by law.
Hiring process
- Interviews and evaluation of security experience and hands-on skills in web/app and network security.
- Assessment of automation/DevSecOps experience (Terraform, Python, CI/CD security integration) and incident response approach.
Location: Columbus, 43215
Salary: $139,400–$164,300 (USD)
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →