Web Application Firewall Engineer in Seattle, WA at Volt

Date Posted: 11/19/2020

Job Snapshot

  • Employee Type:
  • Location:
    Seattle, WA
  • Job Type:
  • Duration:
    0 weeks
  • Date Posted:
  • Job ID:
  • Contact Name
    Volt Branch
  • Phone

Job Description

Job Overview:

The successful candidate for the Web Application Firewall Engineer role will support the deployment of modern Web Application Firewalls across company's ecosystem of products and services. You will develop SIEM alerts and playbooks specific to WAF events that will trigger and support incident response procedures. You will work with world class staff and tools to identify, monitor, and address web-based attacks, while participating in a next-generation security organization. This senior position will drive security solutions relevant to Web Application Firewalls and SIEM use case development.

You’ll be responsible for providing guidance and building real world mitigation steps to identified information risks. The successful candidate will be required to assess security flaws, determine mitigation strategies and drive fixes to resolution. You will apply your strong Application Security background by assessing company's product environment and supporting the deployment of WAF technologies and SIEM configurations.


  • Partner with Product Security, SaaS Operations, and Engineering teams to evaluate, select, and implement WAF services at scale
  • Work with Engineering teams to coordinate WAF on-boarding, explaining and coordinating any architectural or configuration changes required to support WAF deployment
  • Develop new SIEM content (Securonix Snypr) for Security Operations personnel including correlations, enrichment, dashboards, reports, and alerts that appropriately characterize the importance of WAF events
  • Document and develop tools and processes to assist SOC and SIRT personnel in incident response, log collection, and review
  • Alleviate time-consuming SOC analyst tasks and improve SOC processes through Security Orchestration, Automation and Response (SOAR)
  • Develop actionable information in the form of technical indicators, reports, lists, rules, signatures, or signals and warnings


  • 7-10+ years as a Security Engineer with strong Application Security experience
  • Extensive hands on/configuration experience with Web Application Firewalls (Akamai, Imperva, CloudFlare, etc.)
  • Extensive experience with responding to WAF events and developing incident response plans
  • Experience configuring SIEM alerts based on WAF events and correlating them to backend server logs
  • Experience with modern web applications frameworks, their security requirements, and layer 7 attack mitigation (OWASP/SANS)
  • Strong proficiency in AWS and other public cloud platforms
  • Strong scripting skills (bash, python, ruby, Go, etc.)
  • Proficiency with security tools like WhiteSource, Checkmarx, Acunetix, Burp Suite Professional, and/or other application security tools
  • Working knowledge of REST API testing and related tools
  • Working knowledge of JSON, XML, http headers and related REST API authentication / authorization approaches
  • Knowledge of Web Application delivery, CDNs/WAFs, forward and reverse proxies, etc.
  • Excellent written, verbal and presentation skills are essential and required
  • Must be able to work autonomously as well as in team environments, often in stressful, high impact situations

Preferred Qualifications

  • Experience with the Securonix is highly desired
  • Knowledge of security triage and incident handling workflow
  • Familiarity with effective visualizations and dash boarding fundamentals
  • CISSP, SANS technology certifications and other security certifications is a plus

VOLT is an Equal Opportunity Employer