Security Firewall WAF Engineer
Company Description
Informa is a leading academic publishing, business intelligence, knowledge and events business, creating unique content and connectivity for customers all over the world. It is listed on the London Stock Exchange and is a member of the FTSE 100.
Taylor & Francis Group produces high quality, peer reviewed books and journals. We produce unique, trusted content by expert authors, spreading knowledge and promoting discovery globally. We aim to broaden thinking and advance understanding, providing academics and professionals with a platform to share ideas and realise their individual potential.
Job Description
Security WAF Engineer
The Global Service Delivery Team needs you! We are looking for candidates keen to own and run The Web Application Firewall, that provides the first line of defence for all our digital applications. Working within a small security team alongside Service Owners and a Service Analysts you will be responsible for the defence of our digital platforms by tuning the Web Application Firewall to protect, multiple digital platforms. Our digital content is served to almost every country in the world and supports a turn-over of £550+ Million per annum. The security team you will be joining supports a range of digital products and hosted services including our eBooks, Journals and author systems e.g. Taylor Francis Online, Routledge Handbooks Online and Digital Collections.
You will monitor and tune the WAF against attacks, ensuring that our services are secure.
Experience Required:
· Demonstrable knowledge of defending systems using WAF technologies
· Knowledge of attack lifecycles and threat actor abuse cases
· Understanding of Cybersecurity standards and frameworks, e.g., NIST, CIS, OWASP, SANS.
· Experience in reviewing and analysing log files and data correlation
· Demonstrable experience defending systems when security attacks occur
· Proven experience gained in a similar role.
· Previous experience of working in a Security Operations Centre.
· Scripting Experience
· Understanding of Web Application technologies
Technical Landscape
· Knowledge of a range of technologies will be beneficial to you in executing your day job. Expertise of delivering security in an AWS environment is preferred however experience of working at significant scale is a must with Cloud experience preferred.
· Our environment includes many technologies only some of which are listed: WAF, AWS, NginX, Node JS.
Day to Day
This role demands a thorough understanding of security threats and compromise methods. You will triage cyber security attacks seen on the WAF as they are detected or reported.
You will analyse these attacks, to understand the root cause infiltration/exploitation events. You will then plan and develop the defensive rule changes, including tactical configuration changes and longer term fixes. You will work with the Global Security Incident manager to prioritise the remediation activities and share knowledge with teammates across the business to ensure the resolution of attacks addresses the root cause. Participate in meetings and group work sessions to develop new rulesets on the WAF, to defend new systems as the move through the lifecycle, from development to production.
Strategic Contribution Using your experience of WAF technologies, you will plan the release of strategic fixes to prevent further reoccurrences of incidents. You must be comfortable working with a wide range of stakeholders and technical experts.
Qualifications
You should have held one or more of following qualifications for at least two years, CEH, Comp TIA security +, CISM, CISSP, CCSP, or equivalent
Technical Landscape
Knowledge of a range of technologies will be beneficial to you in executing your day job. Expertise of delivering security in an AWS environment is preferred however experience of working at significant scale is a must with Cloud experience preferred.
Additional Information
What we offer in return:
· 25 days annual leave
· 4 volunteering days annually
· Day off for your birthday
· Pension contributions
· Seasonal social and charitable events
· Training and development
At Taylor & Francis we care about our colleagues, promoting work-life balance, wellbeing and flexible working. We believe that the skills and experience you bring to Taylor & Francis are invaluable. We want you to have the opportunity to develop your abilities, and to innovate and develop in areas which you are passionate about.
Additional Information:
You must have the right to work and live in the UK
This role is based at our Milton Park, Oxford office or may be remote
We would like to thank all applicants in advance and regret that only shortlisted candidates will be notified
Taylor & Francis Group an Informa Business
Informa is a leading academic publishing, business intelligence, knowledge and events business, creating unique content and connectivity for customers all over the world. It is listed on the London Stock Exchange and is a member of the FTSE 100.
Taylor & Francis Group produces high quality, peer reviewed books and journals. We produce unique, trusted content by expert authors, spreading knowledge and promoting discovery globally. We aim to broaden thinking and advance understanding, providing academics and professionals with a platform to share ideas and realise their individual potential.
To find out more about our business and the great career opportunities please go to our Careers Site: http://www.taylorandfrancisgroup.com/careers
We know that sometimes the 'perfect candidate' doesn't exist, and that people can be put off applying for a job if they don't fit all the requirements. If you're excited about working for us and have most of the skills or experience we're looking for, please go ahead and apply. You could be just what we need! We believe strongly in the value of diversity and creating supportive, inclusive environments where our colleagues can succeed. As such, Informa is proud to be an Equal Opportunity Employer. We do not discriminate on the basis of race, colour, ancestry, national origin, religion, or religious creed, mental or physical disability,
medical condition, genetic information, sex (including pregnancy, childbirth, and related medical conditions), sexual orientation, gender identity, gender expression, age, marital status, citizenship, or other protected characteristics under local law.