This is a remote position.
What You'll Be Doing
Monitoring, identifying and analyzing events from a range of sources to spot threats and respond to such incidents with a sense of urgency
Collaborating with globally dispersed teams to accomplish tasks
Assisting in the collection of metrics to measure the efficiency of Security Operations functions
Auditing the effectiveness of security measures to check if the systems meet the Security compliance norms
Assisting in the implementation of security policies and procedures
Fine-tuning the process and eventually updating standard operating procedures for the team
Participating in various stages of incident investigations and threat hunting engagements
Working closely with internal company teams (such as Product, Customer Success, etc.)
Requirements
Must have solid exposure to web and API security, coding standards, WAFs, advanced persistent threat actors, botnets (off the shelf and custom) and attack mitigation.
Knowledge of managing, securing and preparing production web environments
Familiar with threat hunting (web/API), web hacking, web data analysis or hands-on WAF experience.
Have in-depth knowledge of web technology and the web application security field.
Have a deep understanding of the cybersecurity threat landscape and the attacker's mindset.
Have experience in scripting and programming (JavaScript, Python, etc.)
Show an interest in analysing industry trends and market demands to recommend product enhancements and new sources of intelligence
Demonstrate an interest in working with data and metrics as applied to security with respect to large data sets
Be a great collaborator and communicator, be curious and want to innovate
Nice to Have
Experience developing botnets and white-hat hacking
Hands-on knowledge of web security modules and secure configuration
Hands-on experience and proficiency in API test automation and standardisation
Experience and solid knowledge of computer and network security
Must have practical experience managing Agile Release Management and maintaining a scalable SDLC
Strong knowledge of Role Based Access Control (RBAC) for web applications
Integrating security into build automation, deployment automation, test automation, SDLC orchestration, environment management, monitoring, and production
Mentor development teams, review pull requests, and guide evolution of the development pipeline
Experience with modern application packaging, deployment, containerisation, bug tracking tools and other supporting tools (Jenkins, Docker, Kubernetes, etc.)
Familiar with ISMS (ISO/IEC 27001), SOC2, NIST Cybersecurity Framework, CIS Controls and Open Web Application Security Project