Cyber Security Specialist (WAF)

Our team's mandate is to provide world-class service in Cyber Security as the leading Cyber Security service provider in Thailand and ASEAN Market. You will be joining TDG's Cyber Security team to protect our clients from cybercrime and support multifaceted countermeasures against cyber attacks by Threat Intelligence and remediation automation.

• Engineers, configures, deploys, and maintains Web Application Firewall solutions
• Monitors systems activities and fine tunes system parameters and configuration to optimize performance and ensure security of systems.
• Creates WAF rules/signatures to mitigate threats and implements best practices
• Develop, maintain, test, and troubleshoot cloud web application firewalls and rulesets. The ideal candidate should have hands on experience with cloud web application firewalls at all of the major cloud services providers
• Develops advanced alerts/reports to meet the requirements of key stakeholders
• Collaborates with key stakeholders within Information Security and Engineering teams to develop specific use cases to address specific business needs
• Creation and implementation of custom alerting dashboards in SIEM for investigations
• Works extensively with different stakeholders for tuning WAF policies or creating custom signatures
• Aids in gathering metrics for measuring Performance and Risk
• Provides ongoing support to existing monitoring capabilities and data collection systems.
• Provides development support for the expansion and implementation of new systems.

Your Profile

• Bachelor’s degree in Computer Science, Computer Engineering, Information Technology or IT related field.
• 3 - 6 years’ experience in Cybersecurity engineering with experience that includes configuring and managing Web Application Firewalls.

EXPERIENCES:

• Experience with any Cloud WAF is a must
• Knowledge on Python Scripting, Perl, Shell scripting
• Excellent experience with Regular Expressions
• Solid understanding of web applications, web servers, application firewalls, frameworks and protocols with respect to web application development, deployment, and operation
• Extensive knowledge of Cloud based Web Application Firewall configuration and management
• Extensive knowledge of web technologies and concepts
• Strong understanding of TCP/IP, web protocols and networking concepts
• Expertise in one or more areas such as operating systems, web services, programming languages, network devices, application vulnerabilities and attack vectors
• Experience in reviewing and analyzing log files and data correlation
• Excellent Logical and Practical understanding of SSDLC
• Experience with managing Web/Application Servers
• Excellent understanding of PKI Technology
• Excellent knowledge of open source and commercial application security tools and frameworks, including but not limited to Kali Web application testing tools
• Experience in exploiting web apps and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks.
• Excellent understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms
• Experience with Web Application Firewall management and rules
• Well versed in system exploits (e.g. Buffer Overflows, PTH attacks, windows authentication framework etc.)
• Excellent understanding of DDoS techniques and mitigation mechanisms