Security Web Application Firewall

Who We Are

At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.

The Role

Are you passionate about cybersecurity and looking for an exciting role where you can make a difference? If so, we have an opportunity for you!

As a Web Application Firewall and Security Specialist, you will be responsible for designing, implementing, and maintaining web application firewalls to protect our clients' web applications from cyber threats. You will work closely with our security team to develop strategies and solutions that enhance the security posture of our clients' web applications.  You will be responsible for analyzing traffic patterns, configuring and tuning WAF policies, and responding to security incidents to mitigate risks.

Key Responsibilities:

• Build, deploy, implement, upgrade, and maintain Imperva web application firewall gateways and consoles from test to production environments

• Monitor WAF alerts / logs and analyze web traffic to identify and mitigate security threats.

• Investigate attacks, such as DDoS, SQL injection, other OWASP Top 10 threats

• Continuously improve WAF configurations and policies based on emerging threat intelligence and attack vectors

• Collaborate with the security and applications teams to develop and implement security policies and procedures.

• Provide technical support and guidance to clients regarding web application security.

• Deploy, configure, and maintain network IDS tools across test and production networks

• Monitor network traffic for suspicious behavior and generate actionable alerts.

• Analyze IDS alerts and correlate with other security data sources to identify potential threats.

• Develop and maintain detection rules and signatures to improve threat detection capabilities.

• Perform regular system health checks and ensure high availability of IDS infrastructure.

• Document detection logic, tuning decisions, and incident response procedures.

• Deploy Guardium Data Security Manager in test and production environments

• Implement encryption solutions for structured and unstructured data, including volume, folder, and file-level encryption

• Integrate Guardium Application Encryption (GAE) and Guardium Tokenization (GTO) for application-level data security

• Implement key rotation and automated key versioning

• Create security policies for data encryption and access control

• Integrate with SIEM/SIM for compliance reporting and threat detection

• Troubleshoot and resolve issues related to encryption and key management

• Stay up-to-date with the latest security trends and technologies.

Your Future at Kyndryl
Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here.

Who You Are

You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others.

Required Skills and Experience

• Bachelor's degree in Computer Science, Computer Engineering, Information Technology, or a related field.

• Certifications such as CISSP, CEH, or similar are preferred

• 5+ years experience in web application security (OWASP Top 10 threats)

• 5+ years experience with web application firewall technologies such as Imperva

• 3+ years of experience in network security or IDS/IPS engineering

• Proficiency in Guardium Data Encryption (GDE), Guardium Application Encryption (GAE), and Guardium Tokenization (GTO)

• Excellent understanding of security standards and best practices e.g., ISO27001, NIST

• Strong knowledge of web application security protocols (HTTPS, REST, SOAP, TLS, Digital certificates) and best practices.

• Strong understanding of encryption algorithms, key management protocols, and security best practices

• Experience with network protocols / concepts, TCP/IP, packet analysis, DNS, CDN, load balancers, and network troubleshooting

• Experience with Cisco ASA firewalls, Switches, VPN, and endpoint detection technologies.

• Excellent problem-solving skills and attention to detail.

• Familiarity with security tools and platforms for vulnerability scanning, threat detection and analysis (Splunk, Qradar, Tenable, SentinelOne, etc)

• Strong communication and interpersonal skills.

• Knowledge of scripting / programming languages such as Bash, Python, Perl, Java, etc.

• 24 x 7 on call support

Being You

Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way.

What You Can Expect

With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations.  At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.

Get Referred!

If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.