General Description: The candidate applies subject matter expertise of Imperva Web Application Firewall, service oriented architecture, and web services in support of a web application hosting infrastructure. Candidate is responsible for performing ongoing maintenance, to include ensuring devices comply with enterprise security policies. Candidate works with application development teams to configure devices to support new and changing application requirements. Candidate coordinates with architecture groups to generate product roadmaps. This position requires development and deployment expertise, as well as experience troubleshooting incidents.
Typical Duties: Manages and monitors web application rules and policies across the enterprise. Manages the day to day governance of the enterprise web application firewalls, database firewall, and other security controls. This includes configuration tuning, troubleshooting, as well as defining and executing escalation criteria. Work with engineering teams to tune control systems to best meet the need of the business. Troubleshoots incidents in development and production environments. Meets with auditors to provide implementation details and compliance data. Works with application and operations teams to ensure successful upgrades of infrastructure components and application code. Participates in incident and change management processes. Creates and maintains work instructions and deployment documentation. Provides after-hours on-call support.
Required Skills and/or Product Knowledge:
Expert level experience with the Imperva Web Application Firewalls, preferably version 11 or greater.
Demonstrated knowledge of maintaining web application rules and policies
Subject Matter Expert experience level.
Experience with IDS/IPS networking devices in a production environment.
Thorough knowledge of the OSI stack with an understanding of how these layers are utilized within a web-based application.
Thorough understanding of how web applications are deployed in a load balanced infrastructure.
Knowledge of SSL/TLS traffic handling and encrypt/decrypt policies.
Ability to document security governance processes and work instructions.
A strong attention to detail
Ability to interact with personnel at all levels across the organization and to comprehend business imperatives.
A strong customer/client focus with ability to manage expectations appropriately and provide superior customer/client experience and build long-term relationships.
The following skills and experience are preferred:
Experience with other web application firewall products and/or security technologies.
Bachelor’s degree in information systems or relevant field of study.
CISSP or other security certification.
Excellent data analysis skills using standard office tools are required.
Excellent communications skills (verbal and written) are required.
Experience in an ITIL environment and working with a service ticketing system
Experience with other Firewalls
Experience with Load Balancers
Experience with DNS
Experience with Unix