Signet Jewelers: Web App Firewall Security Engineer (Remote)

Related keywords: ecommerce remote jobdevops remote jobdata engineer remote job

Company Overview

Signet Jewelers is renowned as the world's largest retailer of diamond jewelry, operating over 2,800 stores worldwide. The company prides itself on its diverse brand portfolio, which includes Kay Jewelers, Zales, Jared, H. Samuel, Ernest Jones, Peoples, Banter by Piercing Pagoda, Rocksbox, JamesAllen.com, and Diamonds Direct. At the core of Signet's philosophy is a people-first approach, emphasizing empowerment, collaboration, and community service. The company actively fosters a culture of diversity, inclusion, and equity among its workforce.

Job Title

Signet Jewelers is seeking a Web App Firewall Security Engineer specializing in web application and edge security operations.

Location

This role is designated as remote, allowing candidates to work from anywhere.

Position Summary

As a WAF Security Engineer, you will be responsible for protecting high-traffic ecommerce applications and APIs through enterprise-level Web Application Firewall (WAF) operations. The role includes hands-on management of Akamai security platforms and support for additional WAF technologies. This position requires a nuanced understanding of web application threats and the capability to balance security enforcement with user experience within production environments.

Responsibilities

The job involves a multitude of tasks:

• Subject Matter Expertise: Serve as the primary expert on enterprise WAF platforms, with detailed ownership of Akamai and operational support for Imperva and AWS WAF.

• Policy Management: Design, deploy, configure, and manage WAF policies to protect web applications and APIs while optimizing security rules to prevent threats and enhance performance.

• Configuration Maintenance: Configure and maintain Akamai security tools like Bot Manager, Rate Control, Client Reputation, and API Security.

• Monitoring and Analysis: Actively monitor and analyze security events, attack traffic, and bot activity, particularly focusing on the OWASP Top 10 threats and Distributed Denial of Service (DDoS) attempts.

• Policy Optimization: Conduct ongoing reviews of rules and policy optimizations to minimize false positives while ensuring stability during WAF updates.

• Incident Response: Participate in responding to incidents related to web-layer and edge threats.

• Reporting: Develop and maintain WAF effectiveness metrics, including blocking accuracy and attack trends.

• Documentation: Keep comprehensive documentation of configurations, procedures, and operational standards.

• Collaboration: Partner with the Application Security Team to assess the exploitability of identified vulnerabilities and support secure deployment practices.

• Development Support: Assist development teams in comprehending web-layer threats and mitigation strategies, as well as develop lightweight automation scripts to enhance processes.

  

• Continuous Learning: Stay updated on emerging threats and platform updates.

Qualifications

To qualify for the Web App Firewall Security Engineer position, candidates are expected to meet the following educational and professional criteria:

• Education: A Bachelor’s Degree in Computer Science, Management Information Systems, or a related field, or an equivalent blend of experience.

• Experience: A minimum of 3-5 years of hands-on experience in operating and tuning Web Application Firewalls within enterprise or high-traffic environments.

• Technical Skills: Proficient hands-on experience with Akamai security products is mandatory. A comprehensive understanding of web application security concepts, especially the OWASP Top 10, is required.

• Knowledge Base: Knowledge of HTTP, HTTPS, TLS, DNS, and CDN architectures in cloud environments.

• Analytical Skills: Experience in analyzing security logs, traffic patterns, and malicious attack behavior is crucial.

• Policy Tuning: Demonstrated skills in policy tuning that minimize false positives without disrupting active production traffic.

• Change Management: Experience in production change management processes is a plus.

• Scripting Skills: Basic scripting skills in Python, Bash, or familiarity with REST APIs are favored.

Preferred Qualifications

• Knowledge and experience with Imperva and/or AWS WAF are advantageous.
• Experience in supporting high-volume ecommerce or retail environments is preferred.
• Familiarity with PCI security requirements.
• Capability to work with distributed development and DevOps teams is a plus.

Salary

The salary range for the Web App Firewall Security Engineer position is between $106,000 and $160,000. The base pay may vary depending on geographic location, internal equity, related knowledge, skills, and experience.

Benefits

Signet Jewelers offers a competitive benefits package that includes:

• Healthcare, dental, and vision insurance.
• 401(k) matching after one year of employment.
• Generous time off plus company holidays.
• Merchandise discount.
• Opportunities for learning and development programs, and much more!

Conclusion

This role offers a dynamic opportunity for individuals passionate about cybersecurity in the ecommerce sector. With a focus on operational excellence, continuous learning, and a people-first approach, candidates are encouraged to apply and contribute to the important work of protecting consumer data and enhancing user experience in a leading retail environment.

This job offer was originally published on weworkremotely.com