Over 6 years of experience in Cybersecurity engineering with experience that includes configuring and managing Web Application Firewalls.
Desired Candidate Profile
Excellent understanding of DDoS techniques and mitigation mechanisms
Solid understanding of web applications, web servers, application firewalls, frameworks and protocols with respect to web application development, deployment, and operation
Extensive knowledge of web technologies and concepts
Strong understanding of TCP/IP, web protocols and networking concepts
Expertise in one or more areas such as operating systems, web services, programming languages, network devices, application vulnerabilities and attack vectors
Experience in reviewing and analyzing log files and data correlation
Experience with managing Web/Application Servers
Scripting/programming using Python
Excellent understanding of PKI Technology
Excellent knowledge of open source and commercial application security tools and frameworks, including but not limited to Kali Web application testing tools
Experience in exploiting web apps and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks.
Excellent understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms
Experience with Web Application Firewall management and rules
Well versed in system exploits (e.g. Buffer Overflows, PTH attacks, windows authentication framework etc.)
Solid understanding of Incident Response Process
Prior experience in Security Operations and Incident Response
Excellent understanding of Cyber Security Operations, Incident Response processes
Excellent communication skills
Excellent team player
CISSP, SANS GPEN, GXPN, SANS GIAC AWS Security
OSCP (Offensive Security Certified Professional) is a Plus
Bachelor’s degree in engineering, computer science, information security, or information systems