Senior Security Engineer - Web Application & Network Protection
Primary Talent Partners · Columbus, OH · 6 days ago
On-siteInformation Technology$69–$79/hrContract
Responsibilities
- Administer and support F5 Distributed Cloud (XC) WAF platform.
- Deploy and maintain WAF policies, signatures, and security controls.
- Configure: API Protection, Bot Defense, DDoS Mitigation, Geolocation Policies, Rate Limiting, CAPTCHA Challenges.
- Investigate and tune false positives.
- Perform application onboarding into WAF services.
- Conduct WAF policy reviews and optimization.
- Support incident response involving web application attacks.
- Understand and mitigate OWASP Top 10 Authentication attacks, API abuse, Credential stuffing, Session hijacking, Cross-Site Scripting (XSS), SQL Injection, SSRF, CSRF.
- Review application architectures and recommend security improvements.
- Partner with development teams during application onboarding and troubleshooting.
- Administer and support Palo Alto Networks NGFW, Prisma Access, Site-to-site VPNs, SSL decryption, NAT and security policies, Network segmentation, DNS and routing troubleshooting.
- Support production incidents and participate in on-call rotation.
- Develop automation using Python, REST APIs, Terraform, Git.
- Build dashboards and reporting around security posture.
- Automate repetitive operational tasks.
- Participate in Incident response, Threat hunting, Security assessments, Vulnerability remediation, Root cause analysis, Architecture reviews.
Qualifications
- Experience with Bot Management, API Security, DDoS Protection, CDN technologies, DevSecOps, CI/CD pipelines, Kubernetes, Containers, Terraform.
- Preferred certifications: OWASP Foundation certifications, ISC2 CISSP, GIAC certifications, F5 certifications.
Pay & Schedule
$69.00 - $79.00/hr; W2 contract, no PTO, no Benefits. ACA-compliant supplemental package available for enrollment.
Schedule
Not specified.
Benefits
Not specified.