Jobs
>
Dallas

    Cybersecurity Engineer - Dallas, United States - Triumph Financial

    Triumph Financial
    Triumph Financial Dallas, United States

    1 week ago

    Default job background
    Description
    Join TriumphX


    TriumphX, a member of the Triumph Financial portfolio of brands, provides a concentration of technology and project management resources the members of the Triumph Financial portfolio of brands - TriumphPay, Triumph and TBK Bank - via a shared service model.

    We're looking for top tech and project management talent to analyze, recommend and build strategic solutions that support Triumph Financial's mission to become a world-class, market-leading financial and technology company.


    Position Summary:
    The web application firewall analyst provides advanced, hands-on representation of the cybersecurity defense team.

    Candidates for this technical role must possess a solid understanding of information security and should have held positions in cybersecurity and systems administration.

    The role also requires an understanding of business and governance processes. Web application firewall (WAF) analyst analysts accept primary responsibility for the overall management lifecycle of the program.


    Web application firewall analysts should understand that legacy and present-day systems and applications may have weaknesses that can be exploited by external threat actors and potentially lead to a breach.

    The position must collaborate with others on the team for remediation and additional validation, as well as contribute to other collaborative approaches driven by the security team strategy.


    Web application firewall analysts oversee the strategic initiatives for short- as well as long-term plans to identify and reduce the attack surface across applications and systems.

    Use of automated tools to identify, assess and report is expected, with emphasis placed on effective communication to constituents relying on applications and systems that support their business.

    Essential Duties & Responsibilities

    Create, deploy, maintain and troubleshoot Web Application Firewalls (WAF) policies for new and existing web applications.
    Review vulnerabilities that impact web applications and develop WAF "Virtual Patching" solutions.

    Monitor and analyze activity logs to detect malicious internet traffic and indicators of compromise as well as to reduce false positive blocks.

    Review WAF usage and define means to improve and mature protection policies.

    Understand web applications at a sufficient level to work with developers to implement protective controls that may need to be customized for specific applications.

    Interpret web protocol information to determine source, intent, and risk of threat agents.
    Provide preventative maintenance, troubleshooting and quickly resolve problems to ensure infrastructure and application stability.
    Participate in technical design activities to ensure a sound design and any infrastructure impact is understood.
    Create and maintain technical documentation regarding the WAF including network diagrams, policies and operational procedures for managing the infrastructure.

    Work closely with Development, QA, DevOPS, Operations, InfoSec, and design engineers to ensure security requirements are met and web-applications are adequately protected from cyber-attacks.

    Review vulnerability and application scan output and assess where WAF configuration can be used to mitigate attacks.
    Awareness of mainstream operating systems and a wide range of security technologies including network firewall, IPS, and web proxy.
    Work as a team to consistently learn and share advanced skills and foster team excellence.
    Support internal and external auditors in their duties that focus on compliance and risk reduction.

    Collaborate with security groups such as red teams, threat intelligence and risk management to form a holistic team dedicated to thwarting attackers and reducing attack surface.

    Periodically attend and participate in change management policy discussions and meetings.
    Define key performance indicators (KPIs) and metrics across business units to illustrate effectiveness with WAF controls.
    Understand breach and attack simulation solutions for known vulnerabilities and work with the team to validate controls effectiveness.

    Liaise with the security engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities.

    Perform other duties as assigned.

    Experience & Education

    Understanding of Windows and *nix operating systems, endpoint applications, networking protocols and devices.
    Preferably some experience with implementing security solutions across Amazon Web Services (AWS), Microsoft Azure or Google Cloud Platform (GCP).
    Ability to obtain and maintain technical team and business support to influence a collaborative effort to reduce attack surface.

    Knowledge of one or more compliance standards, including Payment Card Industry (PCI), Health Information Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), National Institute of Standards (NIST) or International Standards Organization (ISO).

    Capable of scripting in Python, Bash, Perl or PowerShell.
    Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle.
    Bachelor's degree in Information Security, Information Systems, Computer Science, or equivalent work experience.
    At least 3-5+ years' experience in managing and deploying web application firewalls, application security, or information security administration.
    Proficient with cloud WAF solutions such as F5, Imperva, AWS, etc.
    Preferably, one or more of the following certifications: CSSLP, CASE, GWEB, CISSP or CRISC.
    Experience with infrastructure-as-code (IAC) tools like Terraform, Ansible, Cloud Formation, etc. is preferred

    Skills & Abilities Required
    Strong interpersonal skills.
    Quality written, oral, and presentation skills to communicate business risk and remediation requirements from assessments.
    Analytical and problem-solving mindset with an attention to detail.
    Ability to function with supervision from other analysts.
    Commitment to operational excellence and continuous process improvement.
    Willingness to expand security knowledge, skills, and abilities to achieve department initiatives.
    Self-starter requiring minimal supervision.
    Highly organized and efficient.
    Demonstrated strategic and tactical thinking, along with decision-making skills and business acumen.

    Information Security Web Application Firewall Analyst should have a working knowledge of:
    Web Application Firewalls
    TLS and certificate management
    Infrastructure-as-Code (IAC)
    On-call network troubleshooting
    Network Security
    Network protocols
    Threat management and response
    Role and attribute-based access controls
    (RBAC and ABAC)
    System administration
    Foundational routing, switching, segmentation
    Vulnerability scanners
    Log analysis
    Virtual Private Networks (VPN)
    Security Information and Event Monitoring Tools (SIEM)

    Competencies

    To perform the job successfully, an individual should demonstrate the following competencies:
    Problem Solving - Identifies and resolves problems in a timely manner; Gathers and analyzes information skillfully; Develops alternative solutions.
    Technical Skills - Pursues training and development opportunities; Strives to continuously build knowledge and skills; Shares expertise with others.
    Quality Management - Looks for ways to improve and promote quality; Demonstrates accuracy and thoroughness.

    Organizational Support - Follows policies and procedures; Completes administrative tasks correctly and on time; Supports organization's goals and values; Benefits organization through outside activities; Supports affirmative action and respects diversity.

    Quality - Demonstrates accuracy and thoroughness; Looks for ways to improve and promote quality; Applies feedback to improve performance; Monitors own work to ensure quality.

    Adaptability - Changes the approach or method to best fit the situation.

    Work Environment

    The work environment characteristics described here maybe encountered while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
    Moderate noise (i.e., business office with computers, phone, and printers, light traffic).
    Ability to work in a confined area.
    Ability to sit at a computer terminal for an extended period. Occasional stooping or kneeling may be necessary.

    While performing the duties of this job, the employee is regularly required to stand, sit, talk, hear and use hands and fingers to operate a computer keyboard and telephone.

    Specific vision abilities are required by this job due to computer work.
    Light to moderate lifting is required.
    Occasional travel is required.


    Location:
    Dallas, TX or Remote - U

    S excluding the following states:
    AK, CT, DE, ID, IN, MD, MA, MS, MT, NE, NC, ND, RI, SD, VT, WA, WV, WY

    Triumph Financial, Inc. and its subsidiaries reserve the right to modify this job description at any time, with or without notice.

    This job description in no way implies that these are the only duties, to be performed by the employee occupying this position.

    This job description is not an employment contract, implied or otherwise.


    Equal Employment Opportunity Statement:


    Triumph Financial, Inc., and its subsidiaries, provide equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, genetic information, marital status, or status as a covered veteran in accordance with applicable federal, state, and local laws.

    #LI-JG1

    We offer Medical, Dental, Vision, Paid Time Off, 401k and much more.

    Go on. Do it. Apply Today
    #J-18808-Ljbffr
  • CECO Environmental

    Engineer, Cybersecurity

    2 weeks ago

    CECO Environmental Dallas, United States

    Job Description · Job DescriptionJOB SUMMARY: · The Cybersecurity Engineer is responsible for the execution of the Cybersecurity and IAM strategy, identifying and mitigating cyber threats to the Company. Responsible for designing, documenting, implementing, and maintaining cyber ...

  • Spectral MD Inc

    Cybersecurity Engineer

    15 hours ago

    Spectral MD Inc Dallas, United States

    Job Description · Job DescriptionPosition Summary: · Spectral MD, Inc. is seeking a cybersecurity engineer to join our growing team in Dallas, TX. The cybersecurity engineer should have experience in analyzing, identifying, and measuring the security related threats and vulnerab ...

  • General Motors Financial Company, Inc.

    Cybersecurity Engineer

    2 weeks ago

    General Motors Financial Company, Inc. Dallas, United States

    The Cybersecurity Engineer is responsible for developing, deploying, monitoring, tuning, evaluating, reporting, and maintaining systems and procedures; and to identify and mitigate threats to the corporate network, corporate assets and corporate user Security Engineer, Cybersecur ...

  • Tfin

    Cybersecurity Engineer

    5 days ago

    Tfin Dallas, United States

    This is a networking requisition and not a job opening. We are in the process of networking for anticipated future job openings. · Position Summary · The web application firewall analyst provides advanced, hands-on representation of the cybersecurity defense team. Candidates fo ...

  • Trinity Industries

    Cybersecurity Application Security Engineer

    5 days ago

    Trinity Industries Dallas, United States

    Trinity Industries · is searching for a talented team player to fill the open position of · Cybersecurity Application Security Engineer · in our · Dallas, Texas · headquarters. · The Application Security Engineer works within the Information Risk Management team and is a sub ...

  • Symbiotic Corp.

    Senior Network and Cybersecurity Engineer

    6 days ago

    Symbiotic Corp. Dallas, United States

    Job Description · The Senior Network Engineer will be responsible for the full lifecycle of an enterprise LAN/WAN, wired and wireless infrastructure. This is an operations role, and this individual must be able to demonstrate expertise with enterprise network administration (rou ...

  • Southwest Airlines

    Tech Lead Cybersecurity Engineer

    2 weeks ago

    Southwest Airlines Dallas, United States

    Department: · People Our Company Promise · We are committed to provide our Employees a stable work environment with equal opportunity for learning and personal growth. Creativity and innovation are encouraged for improving the effectiveness of Southwest Airlines. Above all, Emp ...

  • Publicis Groupe

    Cybersecurity Threat Modeling Engineer

    2 weeks ago

    Publicis Groupe Dallas, United States

    Company Description · Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern ...

  • Resource Informatics Group

    Cybersecurity Engineer

    4 weeks ago

    Resource Informatics Group Irving, United States

    Role: Cybersecurity Engineer · Location: 4 Irving place, NY, NY (HYBRID) · Duration: 12+ months · JOB DESCRIPTION · Seeking a highly motivated candidate who demonstrates strong commitment to operational excellence, possesses technical proficiency in the deployment of cybersec ...

  • TEKsystems

    Engineer, Aviation Cybersecurity

    2 weeks ago

    TEKsystems Dallas, United States Part time

    Engineer, Aviation Security · 12 months (potential to extend/convert) · Hybrid 3 days on site · Top 3-5 skills: · • 5 years of experience supporting cybersecurity technologies · • 5 years of network, server, and application systems engineering experience · • 4 + years' experience ...

  • Southwest Airlines

    Cybersecurity Engineer- Integration Team

    3 weeks ago

    Southwest Airlines Dallas, United States

    Department: · Technology · Our Company Promise · We are committed to provide our Employees a stable work environment with equal opportunity for learning and personal growth. Creativity and innovation are encouraged for improving the effectiveness of Southwest Airlines. Above al ...

  • ARCHE

    Sr. Cybersecurity Engineering Mgr

    2 weeks ago

    ARCHE Dallas, United States

    Sr. Cybersecurity Engineering Manager #5978-1 · Job Description: · Job Summary · 100% Remote position. We're looking for a dynamic and highly motivated Sr. Cybersecurity Engineering Manager that is seeking a position with the global leader. This position is within our Global Cy ...

  • Westwood Professional Services

    Cybersecurity Engineer

    3 weeks ago

    Westwood Professional Services Plano, United States

    Overview: · Cybersecruity EngineerWestwood Professional Services, Inc.Westwood Professional Services, Inc. · is seeking to hire a cybersecurity professional to join our team. The position is a hands-on role responsible for protecting Westwood's digital infrastructure, sensitive ...

  • Abacus

    Cybersecurity Engineer

    4 weeks ago

    Abacus Irving, United States

    Job Title : Cybersecurity Engineer · Job DescriptionCybersecurity Engineer assesses, formulates, and executes tasks related to SIEM, IDS/IPS, Privileged Account Management, Certificate Lifecycle Management, WAF, NDR, CI/DI, AIP, EDR, HSM, Threat Analytics, and other Cybersecurit ...

  • T-Mobile

    Sr Cybersecurity Engineer

    2 weeks ago

    T-Mobile Frisco, United States Full time

    Description · The Detection Engineering Sr. Engineer is responsible for continually improving T-Mobile's security detection capabilities while ensuring suspicious/malicious activity is identified quickly and accurately (protecting T-Mobile customers and employees). They will wor ...

  • Veterans Sourcing Group LLC

    Sr Cybersecurity Engineer

    4 weeks ago

    Veterans Sourcing Group LLC Richardson, United States

    Request 10775 has been re-opened as 10968 as there has been a few updates The role is now Hybrid allowing some additional flexibility as well as some small changes to the pre-screening questions. This HM was not seeing the Core AD experience and knowledge that is needed for this ...

  • GM Financial

    Cybersecurity - Incident Response Infrastructure Engineer

    2 weeks ago

    GM Financial Irving, United States

    Overview · Why GM Financial? · Opportunity to work in a hybrid model: Potential to work 4 days onsite and 1 day remote. · GM Financial (GMF) is the wholly owned captive finance subsidiary of General Motors and is headquartered in Texas. We are a global provider of auto finance ...

  • GM Financial

    Associate Cybersecurity Engineer

    1 day ago

    GM Financial Fort Worth, United States

    Overview · Opportunity to work in a hybrid model: Potential to work 4 days onsite and 1 day remote · Why GM Financial? · GM Financial is the wholly owned captive finance subsidiary of General Motors and is headquartered in Fort Worth, . We are a global provider of auto finance ...

  • Paladin, Inc

    Sr Cybersecurity Engineer

    1 day ago

    Paladin, Inc Richardson, United States

    Paladin Consulting is currently hiring a ­­­­­­­­­­­­­­­­­­­­Sr Active Directory/Systems Engineer to join our team working onsite at our client's office located in Richardson, TX. · We work with companies that offer environments for our employees to contribute, learn, and advance ...

  • Booz Allen Hamilton

    Cybersecurity Engineer

    3 weeks ago

    Booz Allen Hamilton Allen, United States

    As a cybersecurity engineer, you understand the value of hunt-forward operations, and you know that battles are won in the grey. At Booz Allen, you can use your cyberspace operations experience to create solutions that will be executed on a worldwide stage. We're looking for an e ...