Job Title- Sr. AWS WAF Engineer Location- Durham, North Carolina/Remote Responsibilities As a WAF Security Engineer , you will be responsible for designing, implementing, and managing Web Application Firewalls (WAFs) to protect our applications from various threats and vulnerabilities. You will work closely with our development and IT teams to ensure that our web applications remain secure, performant, and resilient against attacks.
Key Responsibilities: - WAF Implementation & Management: Design, deploy, and configure WAF solutions (such as AWS WAF, Azure WAF, Akamai, GCP or other enterprise WAF platforms) to safeguard web applications.
- Security Monitoring: Monitor and analyze WAF logs and alerts to detect and respond to potential security incidents and vulnerabilities.
- Rule Creation & Tuning: Develop and fine-tune WAF rules and policies to effectively block malicious traffic while minimizing false positives.
- Incident Response: Actively participate in the incident response process, including investigating, mitigating, and resolving security incidents related to web applications.
- Vulnerability Assessment: Collaborate with security and development teams to identify vulnerabilities in web applications and recommend appropriate WAF configurations to address them.
- Documentation & Reporting: Maintain comprehensive documentation of WAF configurations, policies, and procedures. Generate regular reports on security incidents and WAF performance.
- Collaboration: Work closely with DevOps, IT, and development teams to integrate WAF solutions into the application development lifecycle and deployment processes.
- Continuous Improvement: Stay up-to-date with the latest security threats, WAF technologies, and standard processes. Continuously improve WAF configurations and strategies to address emerging threats.
- Offer domain expert (SME) support in various security testing areas, including WAF Proofs of Value (PoV/PoC).
- Contribute security and technical knowledge alongside organizational skills to assist Cyber teams with effective WAF SIEM Use Cases
Qualifications: - Education: Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent work experience.
- Experience: 10 years of experience in information security with a focus on web application firewalls and security solutions.
- Technical Skills:
- Experience with popular WAF solutions (e.g., AWS WAF, Azure WAF, Akamai, Imperva, F5, etc.).
- Solid understanding of web application security concepts, including OWASP Top Ten vulnerabilities.
- Proficiency in analyzing WAF logs and configuring security rules and policies.
- Knowledge of scripting languages (e.g., Python, Bash) for automation and custom WAF rule development.
- Extensive experience with web-based attack methodologies, including knowledge of tools, payloads, exploits, and countermeasures.
- Knowledgeable in networking, cloud firewalls, and web technologies.
Certifications: Relevant certifications such as CISM, CEH, AWS or similar are preferred.
- Develop and implement comprehensive cybersecurity strategies to protect the organizations assets.
- Supervise the deployment and management of AWS WAF to safeguard web applications.
- Provide expert guidance on security standard processes within the Education domain.
- Conduct regular security assessments and vulnerability testing to identify and mitigate risks.
- Collaborate with multi-functional teams to ensure security measures are integrated into all projects.
- Lead incident response efforts to quickly address and resolve security breaches.
- Design and implement security policies and procedures to align with industry standards.
- Monitor network traffic for unusual activity and potential threats.
- Develop and deliver security training programs for staff to enhance awareness.
- Ensure compliance with regulatory requirements and internal policies.
- Evaluate and recommend new security tools and technologies to enhance the security posture.
- Prepare detailed reports on security incidents and recommend corrective actions.
- Work closely with IT and development teams to ensure secure coding practices.
Qualifications - Possess a deep understanding of AWS WAF and its application in securing web environments.
- Demonstrate extensive experience in the Education domain understanding specific security challenges.
- Exhibit strong analytical skills to identify and mitigate potential security threats.
- Show proficiency in conducting security assessments and vulnerability testing.
- Have superb communication skills to effectively convey security concepts to non-technical staff.
- Display a proactive approach to staying updated with the latest cybersecurity trends and threats.
Certifications Required CISSP CISM AWS Certified Security Specialty
Salary and Other Compensation: The annual salary for this position is between 1,14,500 to 134000. Base depending on experience and other qualifications of the successful candidate.This position is also eligible for Cognizant's discretionary annual incentive program, based on performance and subject to the terms of Cognizant's applicable plans.
Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:
- Medical/Dental/Vision/Life Insurance
- Paid holidays plus Paid Time Off
- 401(k) plan and contributions
- Long-term/Short-term Disability
- Paid Parental Leave
- Employee Stock Purchase Plan
Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.
Cognizant is recognized as a Military Friendly Employer and is a coalition member of the Veteran Jobs Mission. Our Cognizant Veterans Network encourages Veterans in building and growing a career at Cognizant that allows them to demonstrate the leadership, loyalty, integrity, and dedication to excellence instilled in them through participation in military service.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Equal Opportunity Employer M/F/D/V