- Web logs, NetFlow and Packet AnalysisBehavioralPositive personality and can do attitude; you also have good communication skills with an excellent command of the English language.
Principal Systems Engineer - Durham, United States - Fidelity Corp
Description
Job Description:
Principal Perimeter Security EngineerThe job involves performing functions related to Network and Perimeter specialized Security Engineers, including Web Application Firewall, Network and cloud security.
Looking for an energetic, hard charging individual able to keep up in an exciting and fast-moving security operations team that is engaged in several high-profile security projects to enhance Fidelitys security posture.
The candidate will be immersed in a quick changing environment in a very rapid changing threat landscape, working with numerous security professionals.
The qualified candidate must be adaptable and able to work in a fast-paced environment where learning new skills and understanding new system architectures quickly is a key to success.
The TeamThe Principal Security Engineer will be working on external defense team to ensure indications of compromise are promptly identified and stakeholders are informed with actionable and complete information.
This role will assist and coordinate with incident response staff, threat intelligence, vulnerability management, and perimeter security teams during response activities and cyber investigations.
This position works closely with our Perimeter operations to ensure proper rule coverage is in place on the WAFs.The Expertise You HaveTechnical:
Strong knowledge of Akamai and AWS WAF for creating and implementing rules.
Experience and working knowledge of AWS Cloudfront and WAFStrong experience in Web application firewall with understanding of API Security.
Good exposure to how to proactively combat OWASP top 10, Account take over , API and other bot external attacks .Evaluate, deploying and managing Akamai / AWS / Azure Web Application Firewall security configuration.
Analyzing web traffic patterns to improve protections.Reviewing policy enforcement change requests; interviewing submitters who have requested security configuration changes and require additional requirements gathering.
Perimeter and cloud security Expert with an outstanding understanding of the latest practices and trends in edge security.
Advance experience on Splunk or other SIEM (Security information and event management) Monitoring. Log Analysis Expertise
Open-minded, empathic and a team-mate with a partnering approach and an enthusiastic and motivated personality, with demonstrated experience in solving complex challengesIntellectually curious and therefore remain abreast of new technologies and developments relating to technical products that might be used enterprise wide and software delivery methodologiesProficient in balancing business partner views and interestsTeam player with excellent interpersonal & communication skills (written and verbal)Senior technical and non-technical Stake holder management skillsThe Skills You BringSecurity experience with any WAF provider, API definitions, custom rules, writing bot management rules and analyzing traffic logs.
Proven experience troubleshooting and simulating HTTP client requests (e.g., curl, postman, HAR file analysis).Strong understanding of core networking concepts (e.g.
TCP/IP, DNS, HTTP, proxy, load-balancing, etc.).Functional experience with Splunk, SIEM, or other log aggregation & analysis technologies.Experience with cloud solutions such as AWS or other IaaS/PaaS/SaaS environments.
Ability to interact with both technical and non-technical staff, including management and executives, with experience articulating technical material in business terms.
Functional understanding of network controls and policies to stop cyber threats.Familiarity with external facing security controls that can stop external attacks that may occur:
such as WAF tuning, Bot management, API protection, network policy governance, troubleshooting.
Familiarity with criminal activities and the attacks that may occur in each layer of the OSI model.
Ability to make information security risk determinations based on intelligence analysis.
Understanding cyber threats, malicious cyber threat actor motivations, and capabilities relevant to regions of interest.
Education and CertificationIndustry certifications in cyber security incident management, such as, Certified Information Systems Security Professional (CISSP), GIAC and other related credentials.
AWSCertifications:
Category:
Information TechnologyFidelitys working model blends the best of working offsite with maximizing time together in person to meet associate and business needs.
Currently, most hybrid roles require associates to work onsite all business days of one assigned week per four-week period (beginning in September 2024, the requirement will be two full assigned weeks).
#J-18808-Ljbffr