What you'll do...
The Edge Ingress Security team is responsible for defending our eCommerce properties from web-based attacks, DDoS attacks, unwanted scripted traffic, and fraudulent behavior. We are seeking a talented security engineer to assist with:
- WAF policy creation, tuning, and enforcement across global eCommerce sites
- Evaluating ingress (inbound web application traffic flows) security policies and adapting as threat landscape changes
- Maturing our client-side evaluation offering
- Assessing and managing ingress security protection during active attacks
- Managing scripted traffic across all web properties
- Working with network and site teams to ensure protection for all ingress flows
- Build & deploy security infrastructure and manage security operations
- Hands on experience managing a Web Application Firewall (WAF) and DDoS protection
- Detailed knowledge of network and web related protocols (TCP/IP, IPSec, HTTPS, SSL, etc.)
- Strong understanding of web properties and how they operate including CDNs
- Experience with client-side fingerprinting/data collection
- Experience using a log management tool such as Splunk, Kibana, ArcSight, etc.
- Proficient knowledge of at least one scripting language
- Hands on experience with cloud technology; Azure, GCP
Highly Desired Skills:
- Ability to think with a security mindset. A successful candidate has a strong IT background with in depth knowledge of several key security practice area: access control; application security; network security; security architecture; security strategy.
- Solid understanding of network and security concepts, including Firewalls and DNS
- Strong interpersonal, analytical, problem solving and communication skills
- A desire to work collaboratively in a small, cross functional team
- A strong sense of accountability and self-motivation
- Bachelor’s degree in Information Technology, Computer Science, or related field and 2 years’ work experience OR
- 4 years’ work experience in Information Security in a related discipline
Outlined below are the required minimum qualifications for this position. If none are listed, there are no minimum qualifications.
Bachelor's degree in Information Technology, Computer Science or related field and 2 years' experience in information technology or related field within the past 7 years OR 4 years' experience in information technology or related field within the past 7 years.
Outlined below are the optional preferred qualifications for this position. If none are listed, there are no preferred qualifications.
Certified Intrusion analyst (GCIAs), GIAC Certified Enterprise Defender (GCED), Certified Geographic Information Systems Professional (GISP), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), GIAC Security Essentials Certification (GSEC), Windows/Linux certification, and/or Security+ certification, Designing, leading, and implementing technology projects., Designing technical solutions in response to customer requests or changes, One of the following scripting/programming languages: Python, Perl, Powershell, VB Script, Ruby, PHP, Bash, C, C++, C#, or .Net, Production support, including problem identification, ticket documentation, and customer and vendor relations, Troubleshooting security infrastructure problems
805 SE MOBERLY LN, BENTONVILLE, AR 72712, United States of America