Cybersecurity Engineer - Web Application Firewall

Bangalore, INDIA, India

Visa

Visa digitaalinen ja mobiilimaksuverkko on eturintamassa uusien maksujen, sƤhkƶisten ja kontaktivarojen maksutekniikan, jotka muodostavat rahan maailman

View all jobs at Visa

Company Description

Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid.

Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.

Job Description

Candidate will develop, support, tune and deploy security solutions across Visa.

Ā 

Essential Functions:

  • WebĀ Application Security: Engineering, deployment, and operations of security solutions, including Web Application Firewalls, as well as integration of those platforms with other solutions as required.Ā 
  • Engineers, configures, deploys, and maintains Web Application Firewall solutionsĀ 
  • Maintains scripts for manipulation of multiple data repositories to support analysts
  • Builds alerts/reports to meet the requirements of key stakeholdersĀ 
  • Contributes to automation for security tools management and workflow integrationĀ 
  • Collaboration with key stakeholders within Cybersecurity Engineering teams to develop specific use cases to address web and application security requirements
  • Creates WAF rules to mitigate threats and implement security best practicesĀ 
  • Create and enhance SIEM content for CybersecurityĀ teams,Ā includingĀ correlations, enrichments, dashboards, reports, and alerts that appropriately illustrate and characterize web application attacks and mitigation mechanismsĀ 

Application Security:Ā 

  • Knowledge of SSDLC processes, procedures, and tools
  • Knowledge of open source and commercial application security tools and frameworks, including but not limited to Kali Web application testing toolsĀ 
  • Experience in exploiting web apps and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks
  • Excellent understanding of OWASP Risks, Vulnerabilities and Mitigation MechanismsĀ 
  • Strong experience with Web Application Firewall management and rulesĀ 
  • Excellent understanding of common network and web protocolsĀ 
  • Excellent understanding of DDoS, Bot, and ATO techniques and mitigation mechanismsĀ 

Ā 

Cyber Defense and Incident Response:Ā 

  • Solid understanding of events, related fields in log records and alerts reported by various data sources such as Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxiesĀ 
  • Prior experience or support of Security Operations and Incident Response
  • Excellent understanding of Cyber Security Operations and Incident Response processesĀ 

Ā 

Infrastructure management and support:Ā 

  • System administration experience with Windows and Unix serversĀ 
  • Experience working in a large enterprise environmentĀ 
  • Experience integrating solutions in a multi-vendor environmentĀ 
  • Familiarity with Atlassian JIRAĀ 

This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager.

Qualifications

Basic Qualifications:
• 2+ years of relevant work experience and a Bachelors degree, OR 5+ years of relevant work experience. Masters graduates must have 2+ years of relevant work experience to qualify.

Preferred Qualifications:
• 3 or more years of work experience with a Bachelor’s Degree or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD)
• Experience with one or more: Akamai, AWS Cloudfront, Cloudflare, or other CDN solutions
• Experience with one or more of the following: Imperva WAF, F5 WAF, and CDN Firewall
• Experience with API Security solutions such as Imperva API Anywhere, Cloudflare API Shield, or other similar solutions.
• Expertise in one or more of the following: Python, Perl, shell scripting, C++, Java, Java Script
• Excellent experience in creating Regular Expressions for security polices and rules
• Experience in maintaining and enhancing infrastructure as code with one or more of the following: CloudFormation, Terraform, Chef, Puppet, Jenkins, CodeDeploy
• Experience with using knowledge management and code repositories with Github, Gitlab, Jira, and Confluence
• Experience with Lambda, API Gateway
• Experience with API Security solutions such as Imperva API Anywhere, Cloudflare API
Shield, or other similar solutions.

Additional Information

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index šŸ’°

Job stats:  83  1  0

Tags: API Gateway APIs Application security Automation AWS C CDN Cloudflare CloudFront Confluence Cyber defense DDoS Firewalls GitHub GitLab IDS Incident response IPS Java Jenkins Jira Kali Lambda Open Source OWASP Perl Puppet Python Scripting SIEM SQL SQL injection SSDLC Terraform UNIX Vulnerabilities Web application testing Windows XML XSS

Perks/benefits: Team events

Region: Asia/Pacific
Country: India

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.