Web Application Security Engineer

London, United Kingdom

Applications have closed

Fastly, Inc.

Fastly's edge cloud platform delivers faster, safer, and more scalable sites and apps to customers. Elevate your edge CDN, video delivery, security, and more.

View company page

Fastly helps people stay better connected with the things they love. Fastly’s edge cloud platform enables customers to create great digital experiences quickly, securely, and reliably by processing, serving, and securing our customers’ applications as close to their end-users as possible — at the edge of the Internet. The platform is designed to take advantage of the modern internet, to be programmable, and to support agile software development. Fastly’s customers include many of the world’s most prominent companies, including Vimeo, Pinterest, The New York Times, and GitHub.

We're building a more trustworthy Internet. Come join us.

Fastly CSOC

Fastly’s Edge Cloud Network is not your average CDN, and we don’t want Fastly’s Customer Security Operations Center to be an average SOC. We’re building a lean and empowered team to address our customer’s security needs with a blend of top talent, efficient processes, and best of breed technology. We want the work we do to be meaningful in providing great protection for the customer, not just ticking a box. 

As part of a new and rapidly growing team within Fastly, Web Application Security Engineers can help to shape the CSOC into the kind of Security Operations Center we all want. We’re leveraging Signal Sciences WAF technology and Fastly’s incredible network to raise the bar on performance, reliability, security, and customer service. Our teams are empowered to build tooling and processes that make operational support tasks easier and scalable. 

Web Application Security Engineer

Leveraging our growing security product suite, our Engineers contribute real world security insights to Fastly and our customers as we address Internet-scale threats.  Web Application Security Engineers function as an escalation point for CSOC Analysts in a globally distributed team. A core responsibility and key performance metric for this role is the effective support of our CSOC analysts, focussed on deep understanding of security and our systems, and developing and supporting security tooling to continue advancing our products, services, and capabilities.

The CSOC team works with our internal platform security and security research, engineering and development teams as well operations and customer organisations internally to deliver support solutions for security threats faced on the Internet today.

What You'll Do

You will be responsible for supporting tooling for, and assisting at times directly with, the analysis and responses to potentially malicious web traffic. The focus will be around attacks at the application layer. You will have the opportunity to work on some of the world’s most scalable distributed systems that handle around 10 million requests per second, as well as the world-class engineers who developed these systems.

  • Focused on delivering great customer experiences
  • Be a good resource on security knowledge to the greater team
  • Be an expert in ensuring security for customers, providing an outstanding response to security issues.
  • Provide deep application-security experience on escalated cases from customers & automated systems.
  • Development of Security Monitoring Systems, troubleshooting and reporting tools
  • Carry out continuous-improvement work & research to drive our customer security products & operations to be the best they can be. 
  • Contribute to the processes and policies that scale our organisation as we grow
  • Create, test, and deploy security content (e.g. WAF rules) in response to CVEs and other emerging threats
  • Provide guidance and training for new Security and Customer Support Engineers
  • Performing threat hunting and developing threat hunting reports.
  • Participation in an on-call rotation for Security Engineering

 

What We're Looking For

  • Software development knowledge in common web languages
  • Infosec background with strong knowledge & practical skills in application security
  • Knowledge of core internet-technologies like DNS, HTTP & TLS and how to debug with common tools
  • Analysis with log visualisation tools (Grafana, Prometheus, Looker, Splunk, Elastic/ELK, or others)
  • Experience working in a SOC , Incident Response Team, Security Research or Security Development capacity
  • Apache/NGINX/IIS or other web server platforms
  • Application server technologies and frameworks
  • Cloud ecosystem knowledge & experience (AWS, GCP or similar)
  • Fluent spoken & written English required, tailoring depth to fit varying audiences

Work Location(s) & Travel Requirements

This position is based out of Fastly’s London office.  Fastly currently embraces a largely hybrid model for most roles which allows employees flexibility to split their time between the office and home. 

This position may require travel as required by your role or requested by your manager.

Salary

Starting salary may vary based on permissible, non-discriminatory factors such as experience, skills, qualifications, and location.

This role may be eligible to participate in Fastly’s equity and discretionary bonus programs.

Why Fastly?

  • We have a huge impact. Fastly is a small company with a big reach. Not only do our customers have a tremendous user base, but we also support a growing number of open source projects and initiatives. Outside of code, employees are encouraged to share causes close to their heart with others so we can help lend a supportive hand.

  • We love distributed teams. Fastly’s home-base is in San Francisco, but we have multiple offices and employees sprinkled around the globe. 

  • We value diversity. Growing and maintaining our inclusive and diverse team matters to us. We are committed to being a company where our employees feel comfortable bringing their authentic selves to work and have the ability to be successful -- every day.

  • We are passionate. Fastly is chock full of passionate people and we’re not ‘one size fits all’. Fastly employs authors, pilots, skiers, parents (of humans and animals), makeup geeks, coffee connoisseurs, and more. We love employees for who they are and what they are passionate about.

We’re always looking for humble, sharp, and creative folks to join the Fastly team. If you think you might be a fit please apply! A fully completed application and resume or CV are required when applying.

Fastly is committed to ensuring equal employment opportunity and to providing employees with a safe and welcoming work environment free of discrimination and harassment. Our employment decisions are based on business needs, job requirements and individual qualifications. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, family or parental status, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.

Consistent with the Americans with Disabilities Act (ADA) and federal or state disability laws, Fastly will provide reasonable accommodations for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact your Recruiter, or the Fastly Employee Relations team at candidateaccommodations@fastly.com or 501-287-4901. 

Fastly collects and processes personal data submitted by job applicants in accordance with our Privacy Policy. Please see our privacy notice for job applicants.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Agile Application security AWS CDN Cloud CSOC DNS ELK GCP GitHub Grafana Incident response Monitoring Nginx Open Source Privacy Prometheus SOC Splunk TLS

Perks/benefits: Career development Equity Medical leave Parental leave Salary bonus

Region: Europe
Country: United Kingdom
Job stats:  17  4  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.