Cybersecurity Engineer - Web Application Firewalls

Cybersecurity Engineer - Web Application Firewalls

TriumphX provides a concentration of technology and project management resources to the members of the Triumph Financial portfolio of brands – Triumph Pay, Triumph, and TBK Bank – via a shared service model. We’re looking for top tech and project management talent to analyze, recommend and build strategic solutions that support Triumph Financial’s mission to become a world‑class, market‑leading financial and technology company.

The web application firewall analyst provides advanced, hands‑on representation of the cybersecurity defense team. Candidates for this technical role must possess a solid understanding of information security and have held positions in cybersecurity and systems administration. The role also requires an understanding of business and governance processes. The analyst accepts primary responsibility for the overall management lifecycle of the program.

• Create, deploy, maintain, and troubleshoot Web Application Firewall (WAF) policies for new and existing web applications.
• Review vulnerabilities that impact web applications and develop WAF “Virtual Patching” solutions.
• Monitor and analyze activity logs to detect malicious internet traffic and indicators of compromise, and reduce false‑positive blocks.
• Review WAF usage and define means to improve and mature protection policies.
• Understand web applications at a sufficient level to work with developers to implement protective controls that may need to be customized for specific applications.
• Interpret web protocol information to determine source, intent, and risk of threat agents.
• Provide preventative maintenance, troubleshooting, and quickly resolve problems to ensure infrastructure and application stability.
• Participate in technical design activities to ensure a sound design and any infrastructure impact is understood.
• Create and maintain technical documentation regarding the WAF including network diagrams, policies, and operational procedures for managing the infrastructure.
• Work closely with Development, QA, Dev Ops, Operations, Info Sec, and design engineers to ensure security requirements are met and web applications are adequately protected from cyber‑attacks.
• Review vulnerability and application scan output and assess where WAF configuration can be used to mitigate attacks.
• Maintain awareness of mainstream operating systems and a wide range of security technologies including network firewall, IPS, and web proxy.
• Work as a team to consistently learn and share advanced skills and foster team excellence.
• Support internal and external auditors in their duties that focus on compliance and risk reduction.
• Collaborate with security groups such as red teams, threat intelligence, and risk management to form a holistic team dedicated to thwarting attackers and reducing attack surface.
• Periodically attend and participate in change‑management policy discussions and meetings.
• Define key performance indicators (KPIs) and metrics across business units to illustrate effectiveness with WAF controls.
• Understand breach and attack simulation solutions for known vulnerabilities and work with the team to validate controls effectiveness.
• Liaise with the security engineering team to improve tool usage and workflow, and with the advanced threats and assessment team to mature monitoring and response capabilities.
• Perform other duties as assigned.

• Understanding of Windows and
  * nix operating systems, endpoint applications, networking protocols, and devices.
• Preferably some experience with implementing security solutions across Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP).
• Ability to obtain and maintain technical team and business support to influence a collaborative effort to reduce attack surface.
• Knowledge of one or more compliance standards, including Payment Card Industry (PCI), Health Information Portability and Accountability Act (HIPAA), Gramm‑Leach‑Bliley Act (GLBA), National Institute of Standards and Technology (NIST), or International Organization for Standardization (ISO).
• Capable of scripting in Python, Bash, Perl, or Power…