Cybersecurity Engineer - Web Application Firewall (open to remote)
Dallas, TX
Triumph Financial
The Investor Relations website contains information about Triumph Financial, Inc.'s business for stockholders, potential investors, and financial analysts.Join TriumphX!
TriumphX, a member of the Triumph Financial portfolio of brands, provides a concentration of technology and project management resources the members of the Triumph Financial portfolio of brands – TriumphPay, Triumph and TBK Bank – via a shared service model. We’re looking for top tech and project management talent to analyze, recommend and build strategic solutions that support Triumph Financial’s mission to become a world-class, market-leading financial and technology company.
This is a networking requisition and not a job opening. We are in the process of networking for anticipated future job openings.Position Summary
The web application firewall analyst provides advanced, hands-on representation of the cybersecurity defense team. Candidates for this technical role must possess a solid understanding of information security and should have held positions in cybersecurity and systems administration. The role also requires an understanding of business and governance processes. Web application firewall (WAF) analyst analysts accept primary responsibility for the overall management lifecycle of the program.
Web application firewall analysts should understand that legacy and present-day systems and applications may have weaknesses that can be exploited by external threat actors and potentially lead to a breach. The position must collaborate with others on the team for remediation and additional validation, as well as contribute to other collaborative approaches driven by the security team strategy.
Web application firewall analysts oversee the strategic initiatives for short- as well as long-term plans to identify and reduce the attack surface across applications and systems. Use of automated tools to identify, assess and report is expected, with emphasis placed on effective communication to constituents relying on applications and systems that support their business.
Essential Duties & Responsibilities
Create, deploy, maintain and troubleshoot Web Application Firewalls (WAF) policies for new and existing web applications.
Review vulnerabilities that impact web applications and develop WAF “Virtual Patching” solutions.
Monitor and analyze activity logs to detect malicious internet traffic and indicators of compromise as well as to reduce false positive blocks.
Review WAF usage and define means to improve and mature protection policies.
Understand web applications at a sufficient level to work with developers to implement protective controls that may need to be customized for specific applications.
Interpret web protocol information to determine source, intent, and risk of threat agents.
Provide preventative maintenance, troubleshooting and quickly resolve problems to ensure infrastructure and application stability.
Participate in technical design activities to ensure a sound design and any infrastructure impact is understood.
Create and maintain technical documentation regarding the WAF including network diagrams, policies and operational procedures for managing the infrastructure.
Work closely with Development, QA, DevOPS, Operations, InfoSec, and design engineers to ensure security requirements are met and web-applications are adequately protected from cyber-attacks.
Review vulnerability and application scan output and assess where WAF configuration can be used to mitigate attacks.
Awareness of mainstream operating systems and a wide range of security technologies including network firewall, IPS, and web proxy.
Work as a team to consistently learn and share advanced skills and foster team excellence.
Support internal and external auditors in their duties that focus on compliance and risk reduction.
Collaborate with security groups such as red teams, threat intelligence and risk management to form a holistic team dedicated to thwarting attackers and reducing attack surface.
Periodically attend and participate in change management policy discussions and meetings.
Define key performance indicators (KPIs) and metrics across business units to illustrate effectiveness with WAF controls.
Understand breach and attack simulation solutions for known vulnerabilities and work with the team to validate controls effectiveness.
Liaise with the security engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities.
Perform other duties as assigned.
Experience & Education
Understanding of Windows and *nix operating systems, endpoint applications, networking protocols and devices.
Preferably some experience with implementing security solutions across Amazon Web Services (AWS), Microsoft Azure or Google Cloud Platform (GCP).
Ability to obtain and maintain technical team and business support to influence a collaborative effort to reduce attack surface.
Knowledge of one or more compliance standards, including Payment Card Industry (PCI), Health Information Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), National Institute of Standards (NIST) or International Standards Organization (ISO).
Capable of scripting in Python, Bash, Perl or PowerShell.
Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle.
Bachelor’s degree in Information Security, Information Systems, Computer Science, or equivalent work experience.
At least 3-5+ years’ experience in managing and deploying web application firewalls, application security, or information security administration.
Proficient with cloud WAF solutions such as F5, Imperva, AWS, etc.
Preferably, one or more of the following certifications: CSSLP, CASE, GWEB, CISSP or CRISC.
Experience with infrastructure-as-code (IAC) tools like Terraform, Ansible, Cloud Formation, etc. is preferred
Skills & Abilities Required
Strong interpersonal skills.
Quality written, oral, and presentation skills to communicate business risk and remediation requirements from assessments.
Analytical and problem-solving mindset with an attention to detail.
Ability to function with supervision from other analysts.
Commitment to operational excellence and continuous process improvement.
Willingness to expand security knowledge, skills, and abilities to achieve department initiatives.
Self-starter requiring minimal supervision.
Highly organized and efficient.
Demonstrated strategic and tactical thinking, along with decision-making skills and business acumen.
Information Security Web Application Firewall Analyst should have a working knowledge of:
Web Application Firewalls
TLS and certificate management
Infrastructure-as-Code (IAC)
On-call network troubleshooting
Network Security
Network protocols
Threat management and response
Role and attribute-based access controls
(RBAC and ABAC)
System administration
Foundational routing, switching, segmentation
Vulnerability scanners
Log analysis
Virtual Private Networks (VPN)
Security Information and Event Monitoring Tools (SIEM)
Competencies
To perform the job successfully, an individual should demonstrate the following competencies:
Problem Solving - Identifies and resolves problems in a timely manner; Gathers and analyzes information skillfully; Develops alternative solutions.
Technical Skills - Pursues training and development opportunities; Strives to continuously build knowledge and skills; Shares expertise with others.
Quality Management - Looks for ways to improve and promote quality; Demonstrates accuracy and thoroughness.
Organizational Support - Follows policies and procedures; Completes administrative tasks correctly and on time; Supports organization's goals and values; Benefits organization through outside activities; Supports affirmative action and respects diversity.
Quality - Demonstrates accuracy and thoroughness; Looks for ways to improve and promote quality; Applies feedback to improve performance; Monitors own work to ensure quality.
Adaptability - Changes the approach or method to best fit the situation.
Work Environment
The work environment characteristics described here maybe encountered while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Moderate noise (i.e., business office with computers, phone, and printers, light traffic).
Ability to work in a confined area.
Ability to sit at a computer terminal for an extended period. Occasional stooping or kneeling may be necessary.
While performing the duties of this job, the employee is regularly required to stand, sit, talk, hear and use hands and fingers to operate a computer keyboard and telephone.
Specific vision abilities are required by this job due to computer work.
Light to moderate lifting is required.
Occasional travel is required.
***Location: Dallas, TX or Remote – U.S. excluding the following states: AK, CT, DE, ID, IN, MD, MA, MS, MT, NE, NC, ND, RI, SD, VT, WA, WV, WY***
#LI-JH1
Triumph Financial, Inc. and its subsidiaries reserve the right to modify this job description at any time, with or without notice. This job description in no way implies that these are the only duties, to be performed by the employee occupying this position. This job description is not an employment contract, implied or otherwise.
Equal Employment Opportunity Statement: Triumph Financial, Inc., and its subsidiaries, provide equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, genetic information, marital status, or status as a covered veteran in accordance with applicable federal, state, and local laws.
We offer Medical, Dental, Vision, Paid Time Off, 401k and much more.
Go on. Do it. Apply Today!
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Ansible Application security AWS Azure Bash Certificate management CISSP Cloud Compliance Computer Science CRISC CVSS DevOps Firewalls GCP GLBA Governance HIPAA IPS KPIs Log analysis MITRE ATT&CK Monitoring Network security NIST OWASP Perl PowerShell Python Risk management Scripting SDLC SIEM Strategy Terraform Threat intelligence TLS VPN Vulnerabilities Windows
Perks/benefits: Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open PowerShell-related jobs