C3
TSTS
The Web Application Security team is responsible for deploying and maintaining the Firm's internet facing web application security controls.
The technology and solution stack spans all internet facing web applications of the Institutional Security and Wealth Management Businesses. It consists of home-grown software, 3rd party software, open source products, appliances, and auxiliary services and solutions.
We are looking for a fungible, enthusiastic analyst/technologist with excellent analytical, organizational and communication skills to expand our Web Application Firewall (WAF), Bot Management, CVA protection and API Security Controls team. The successful candidate will help to ensure that perimeter security for web properties keeps pace with the changing threat landscape firmwide. This is an ideal role for someone looking to broaden their application security knowledge in a complex, mission critical, security focused enterprise environment.
Work with and guide global tech functions to onboard internet facing web apps to WAF
Review logs, implement tuning, web blocking etc. for onboarded applications
Mapping of IP addresses FQDNs to services and applications (BA)
Liaising with service owners and or associated teams to gather relevant application data for WAF migration purposes (BA)
Analyzing web behavior and performance to establish acceptable application thresholds SME
Performing policy tuning in accordance with performance baseline SME
Transitioning WAF from transparent to enforcement mode SME
Data cleansing and validation
Participate in proof of concepts for new security capabilities
Change management: Prepare, document, implement and verify changes including communicate changes to end-users and other impacted parties
Incident, Problem management: Conduct Root Cause Analysis RCA, respond to incidents and participate in postmortem analysis
Participate in on-call rotation
Strong analytical and problem solving skills, detail oriented, and well organized
Ability to cultivate strong relationships with application owners, demonstrated written and verbal communication skills
Web Network Security, with a focus on Web Application Firewalls/Controls, and their role in layered Defense in Depth
Experience with Akamai or equivalent platform(s): Radware, Imperva, Shape Security, CloudFlare, etc
Experience with onboarding web services into WAF Akamai, Shape, etc platforms and the lifecycle of monitor to mitigation modes
Periodically assist with vulnerabilities discovered via these platforms
Work with relevant teams to implement best web security practices and assist with enhancing the Firm's security posture. Strong collaboration skills across multiple teams will be required
Understanding of ITIL processes
The Web Application Security team is responsible for deploying and maintaining the Firm's internet facing web application security controls.
The technology and solution stack spans all internet facing web applications of the Institutional Security and Wealth Management Businesses. It consists of home-grown software, 3rd party software, open source products, appliances, and auxiliary services and solutions.
We are looking for a fungible, enthusiastic analyst/technologist with excellent analytical, organizational and communication skills to expand our Web Application Firewall (WAF), Bot Management, CVA protection and API Security Controls team. The successful candidate will help to ensure that perimeter security for web properties keeps pace with the changing threat landscape firmwide. This is an ideal role for someone looking to broaden their application security knowledge in a complex, mission critical, security focused enterprise environment.
Work with and guide global tech functions to onboard internet facing web apps to WAF
Review logs, implement tuning, web blocking etc. for onboarded applications
Mapping of IP addresses FQDNs to services and applications (BA)
Liaising with service owners and or associated teams to gather relevant application data for WAF migration purposes (BA)
Analyzing web behavior and performance to establish acceptable application thresholds SME
Performing policy tuning in accordance with performance baseline SME
Transitioning WAF from transparent to enforcement mode SME
Data cleansing and validation
Participate in proof of concepts for new security capabilities
Change management: Prepare, document, implement and verify changes including communicate changes to end-users and other impacted parties
Incident, Problem management: Conduct Root Cause Analysis RCA, respond to incidents and participate in postmortem analysis
Participate in on-call rotation
Strong analytical and problem solving skills, detail oriented, and well organized
Ability to cultivate strong relationships with application owners, demonstrated written and verbal communication skills
Web Network Security, with a focus on Web Application Firewalls/Controls, and their role in layered Defense in Depth
Experience with Akamai or equivalent platform(s): Radware, Imperva, Shape Security, CloudFlare, etc
Experience with onboarding web services into WAF Akamai, Shape, etc platforms and the lifecycle of monitor to mitigation modes
Periodically assist with vulnerabilities discovered via these platforms
Work with relevant teams to implement best web security practices and assist with enhancing the Firm's security posture. Strong collaboration skills across multiple teams will be required
Understanding of ITIL processes
Key job details
About Virtusa
Teamwork, quality of life, professional and personal development: values that Virtusa is proud to embody. When you join us, you join a team of 27,000 people globally that cares about your growth — one that seeks to provide you with exciting projects, opportunities and work with state of the art technologies throughout your career with us.
Great minds, great potential: it all comes together at Virtusa. We value collaboration and the team environment of our company, and seek to provide great minds with a dynamic place to nurture new ideas and foster excellence.
Virtusa is an Equal Opportunity Employer. All applicants will receive fair and impartial treatment without regard to race, color, religion, sex, national origin, ancestry, age, legally protected physical or mental disability, protected veteran status, status in the U.S. uniformed services, sexual orientation, gender identity or expression, marital status, genetic information or on any other basis which is protected under applicable federal, state or local law.
Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government-issued ID during each interview. All candidates must be authorized to work in the USA.
Learn more
Awards and recognition
Syncing your Virtusa Information
Syncing Complete
Exporting your personal Virtusa brand items
Export Complete
Check your downloads folder for files and implementation instructions.
Assets are now available in your profile for future editing and use.
Loading your existing headshots
Please select any one of the images below
Downloading Secure Assets
Signing out