Cyber Security Engineer - Application Security (Remote) - Military veterans preferred

2022-07-25
WALGREENS
Other

/yr

  full-time   employee


Deerfield
Illinois
United States

Job Summary

The Cyber Security Engineer - Application Security can be performed working remotely. This role will report to the Manager of Application Security and Configuration Management. In this role, you will be an expert in the strategy, design, administration, and implementation of Azure Web Application Firewall and Application Security. Working in Azure cloud-based technology, you will:

  • Promote security awareness by participating in agile release trains and enroll new applications in the Application Security Process.
  • Analyze code for security vulnerabilities, develop software security guidance including training material while executing cloud security best practices,
  • Secure coding checklists, reusable code, and assist project teams with conceptualization and design of their architecture.
  • Provide guidance on how cloud solutions are deployed in multiple environments.

Job Responsibilities
  • Responsible for configuration, testing, and management of the organization's information security architecture
  • Designs, builds, operates and automates security solutions and processes to protect the integrity of the organization's networks, systems, applications and data
  • Works as a team member on problems of moderate scope, complexity, or diversity
  • May lead small projects and typically works on assignments of small to moderate scope in multiple technology platforms/business areas
  • Responsible for policy development, installation, configuration, testing and maintenance of network and security products such as firewalls, virtual private networks, intrusion detection systems, anti-virus software, vulnerability scanning systems, router, and switches
  • Conducts security process administration including remediating vulnerabilities. May evaluate and approve firewall requests and VPN access
  • Recommends and implements solutions
  • Eradicates signs of intrusion. Participates in identifying and implementing additional security controls
  • Continually evaluates and upgrades security features
  • Responds to incidents to identify root causes
  • Works with internal technology groups, development teams and partners to develop, implement, maintain and monitor security policies and procedures
  • Manages encryption protocols to protect the organization's data as well as management of authentication and access controls
  • Evaluates information security configurations when intrusions have occurred and monitors the effectiveness of implemented changes
  • Monitors overall compliance with security standards and conducts periodic security audits using techniques such as ethical hacking and penetration testing
  • Effectively resolves problems and roadblocks as they occur
  • Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures

Basic Qualifications
  • Bachelor's degree + at least 1 years or High School/GED + at least 4 years of experience in IT Industry
  • Knowledge of security protocols and standards, vulnerability assessment tools, packet analyzers, scripting languages and security management suites, penetration testing tools and countermeasures and mitigation techniques applied to web applications
  • Experience with security engineering, identity engineering security applications engineering and/or security infrastructure engineering
  • Willing to travel up to/at least 10% of the time for business purposes (within state and out of state)

Preferred Qualifications
  • Prior experience implementing Web Application Firewall design for large scale environments to be transitioned to a RunOps program.
  • Experience providing Tier-3 support and fine-tuning system parameters and configuration to optimize performance and ensure security utilizing Azure WAF.
  • Knowledge and experience with both automated tools and manual techniques used to identify web application and web service vulnerabilities and attack methods including the OWASP top 10.
  • Core understanding of common attack vectors such as buffer overflows, SQL injection, CSRF, XSS, with ability to explain to both software developers and management
  • Skills and knowledge in application security technologies including Integrated, Dynamic and Static Application Security.
  • Knowledge of networking protocols.
  • Strong collaboration skills with Application Security and Development teams to analyze, tune, and evaluate security monitoring effectiveness.
  • Expertise in the strategy, design, administration, and implementation of Azure Web Application Firewall and Application Security.
  • Working knowledge in cloud-based technologies.
  • Strong knowledge in software coding and/or software quality assurance
  • Solid grasp of cloud foundations such as security, logging, monitoring, ingress/egress, WAF, service control policies, etc.
  • Must fully understand Microsoft best practices and be able to provide guidance on how cloud solutions are deployed in multiple environments.
  • Strong knowledge on cloud security best practices and cloud security guidance.
The following information is applicable to Colorado only, in accordance with the Colorado Pay Equity Act. In Colorado, an employee in this position can expect a salary/hourly rate between $76,300.00 and $105,000.00 plus bonus pursuant to the terms of any bonus plan, if applicable depending on experience, seniority, geographic locations, and other factors permitted by law. To review benefits, please click here jobs.walgreens.com/benefits. Walgreens will provide applicants in other states with information related to the positions, to the extent required by state or local law, by calling 1-866-967-5492.