Senior Security Engineer – Web Application & Network Protection; C2H
Listed on 2026-07-13
-
IT/Tech
Cybersecurity, Network Security
Job Title:Senior Security Engineer – Web Application & Network Protection (Contract to Hire)
Location: Columbus, OH (Local Candidates only)
Rate: $70–$79/hour
Work Model: Hybrid (Onsite Tuesday–Thursday, Remote Monday & Friday)
Contract Length: July 27, 2026 – July 26, 2027
Extension / Conversion: Contract-to-Hire
Employment Type: W-2 Only
Work Authorization: U.S. Citizens Only | Green Card holders also eligible; no visa sponsorship available
We are seeking an experienced Senior Security Engineer – Web Application & Network Protection to lead the design, implementation, and support of enterprise web application and network security solutions. This role is responsible for protecting internet-facing applications and critical enterprise services through a combination of web application firewall (WAF) technologies,
API security
, bot protection
, DDoS mitigation
, and network security controls.
The ideal candidate brings a strong mix of application security, network security, cloud security, and automation experience, with hands‑on expertise supporting technologies such as F5 Distributed Cloud WAF
, Palo Alto Networks firewalls
, and secure remote access platforms. This individual will partner across security, infrastructure, networking, cloud, and application teams to strengthen enterprise defenses, improve operational efficiency, and support secure onboarding of business‑critical applications.
This is a strong fit for a cybersecurity engineer who is equally comfortable with security architecture, operational support, incident response, automation, and stakeholder collaboration in a modern enterprise environment.
Key Responsibilities Web Application Security- Administer and support the F5 Distributed Cloud (XC) WAF platform.
- Deploy, configure, and maintain WAF policies, signatures, and security controls for internet-facing applications.
- Configure and optimize protections related to:
- API Protection
- Bot Defense / Bot Management
- DDoS Mitigation
- Geolocation Policies
- Rate Limiting
- CAPTCHA Challenges
- Investigate and tune false positives to balance protection with business usability.
- Perform application onboarding into WAF services and support secure rollout of web-facing applications.
- Conduct policy reviews and continuous optimization of WAF protections.
- Support investigation and response activities related to web application attacks and anomalous traffic.
- Apply strong understanding of common web and API threats, including:
- OWASP Top 10
- Authentication attacks
- API abuse
- Credential stuffing
- Session hijacking
- Cross-Site Scripting (XSS)
- SQL Injection
- SSRF
- CSRF
- Review application architectures and recommend improvements to strengthen security posture.
- Partner with development and engineering teams during application onboarding, remediation, and troubleshooting.
- Help ensure secure design considerations are integrated into enterprise application delivery and support processes.
- Administer and support key network security technologies, including:
- Palo Alto Networks NGFW
- Prisma Access
- Site-to-site VPNs
- SSL decryption
- NAT and security policies
- Network segmentation
- Support DNS and routing troubleshooting related to protected applications and network flows.
- Assist with production security incidents and operational support activities.
- Participate in an on‑call rotation as needed to support enterprise services and incident response.
- Develop and maintain automation solutions using:
- Python
- REST APIs
- Terraform
- Git
- Automate repetitive operational tasks to improve consistency, scalability, and efficiency.
- Build dashboards, reporting, and visibility tools to help monitor security posture and operational performance.
- Support Dev Sec Ops and CI/CD practices by partnering with engineering teams to embed security into deployment pipelines and operational processes.
- Contribute to secure infrastructure and application delivery practices across cloud and containerized environments.
- Participate in:
- Incident response
- Threat hunting
- Security assessments
- Vulnerability remediation
- Root cause analysis
- Architecture reviews
- Support identification and remediation of…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).