The Cyber Security Engineer - Application Security can be performed working remotely. This role will report to the Manager of Application Security and Configuration Management. In this role, you will be an expert in the strategy, design, administration, and implementation of Azure Web Application Firewall and Application Security. Working in Azure cloud-based technology, you will:
Promote security awareness by participating in agile release trains and enroll new applications in the Application Security Process.
Analyze code for security vulnerabilities, develop software security guidance including training material while executing cloud security best practices,
Secure coding checklists, reusable code, and assist project teams with conceptualization and design of their architecture.
Provide guidance on how cloud solutions are deployed in multiple environments.
Responsible for configuration, testing, and management of the organization's information security architecture
Designs, builds, operates and automates security solutions and processes to protect the integrity of the organization's networks, systems, applications and data
Works as a team member on problems of moderate scope, complexity, or diversity
May lead small projects and typically works on assignments of small to moderate scope in multiple technology platforms/business areas
Responsible for policy development, installation, configuration, testing and maintenance of network and security products such as firewalls, virtual private networks, intrusion detection systems, anti-virus software, vulnerability scanning systems, router, and switches
Conducts security process administration including remediating vulnerabilities. May evaluate and approve firewall requests and VPN access
Recommends and implements solutions
Eradicates signs of intrusion. Participates in identifying and implementing additional security controls
Continually evaluates and upgrades security features
Responds to incidents to identify root causes
Works with internal technology groups, development teams and partners to develop, implement, maintain and monitor security policies and procedures
Manages encryption protocols to protect the organization's data as well as management of authentication and access controls
Evaluates information security configurations when intrusions have occurred and monitors the effectiveness of implemented changes
Monitors overall compliance with security standards and conducts periodic security audits using techniques such as ethical hacking and penetration testing
Effectively resolves problems and roadblocks as they occur
Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures
Bachelor's degree + at least 1 years or High School/GED + at least 4 years of experience in IT Industry
Knowledge of security protocols and standards, vulnerability assessment tools, packet analyzers, scripting languages and security management suites, penetration testing tools and countermeasures and mitigation techniques applied to web applications
Willing to travel up to/at least 10% of the time for business purposes (within state and out of state)
Prior experience implementing Web Application Firewall design for large scale environments to be transitioned to a RunOps program.
Experience providing Tier-3 support and fine-tuning system parameters and configuration to optimize performance and ensure security utilizing Azure WAF.
Knowledge and experience with both automated tools and manual techniques used to identify web application and web service vulnerabilities and attack methods including the OWASP top 10.
Core understanding of common attack vectors such as buffer overflows, SQL injection, CSRF, XSS, with ability to explain to both software developers and management
Skills and knowledge in application security technologies including Integrated, Dynamic and Static Application Security.
Knowledge of networking protocols.
Strong collaboration skills with Application Security and Development teams to analyze, tune, and evaluate security monitoring effectiveness.
Expertise in the strategy, design, administration, and implementation of Azure Web Application Firewall and Application Security.
Working knowledge in cloud-based technologies.
Strong knowledge in software coding and/or software quality assurance
Solid grasp of cloud foundations such as security, logging, monitoring, ingress/egress, WAF, service control policies, etc.
Must fully understand Microsoft best practices and be able to provide guidance on how cloud solutions are deployed in multiple environments.
Strong knowledge on cloud security best practices and cloud security guidance.
The following information is applicable to Colorado only, in accordance with the Colorado Pay Equity Act. In Colorado, an employee in this position can expect a salary/hourly rate between $76,300.00 and $105,000.00 plus bonus pursuant to the terms of any bonus plan, if applicable depending on experience, seniority, geographic locations, and other factors permitted by law. To review benefits, please click here jobs.walgreens.com/benefits. Walgreens will provide applicants in other states with information related to the positions, to the extent required by state or local law, by calling 1-866-967-5492.