We currently seek a Senior Security Engineer with a background in managing Imperva WAF and Microsoft servers for our New York, NY office.  Prior experience securing and managing production networks, databases and websites is required. Prior professional services experience is preferred.  This position will be hands on and may require variable working hours based on project timelines, maintenance windows and on-call events.

Responsibilities:

• Manage Imperva Web Application Firewall – updates, rules and tuning
• Event research – monitoring real time alerts and taking preventative steps to block intrusion attempts
• Primary interface for our Managed Security Providers to resolve alerts, and resolve potential suspicious activity and vulnerabilities.
• Configure and harden IIS on production, stage and development environments
• Primary interface to external vendors performing white hat penetration testing of our assets
• Assist software engineering team in remediating discovered vulnerabilities
• Regularly monitor and scan network infrastructure and servers with tools such as Nessus
• Assist with testing, defect tracking and debugging of work in process
• Manage log consolidation and analysis with third party log management vendor
• Collaborate with software engineers, information architects and data center operations teams to design new web experiences with a focus on secure applications

Required Skills:

• Expert level managing and tuning Imperva WAF – hands on experience in production environment
• Expert IIS configuration and management for production environment
• .Net security and Microsoft application hardening experience
• Change management and scheduling of changes to production systems in maintenance windows
• Knowledge of standard web application structures, rich web technologies (e.g., Web 2.0, HTML, browsers, Flash, etc.)
• Experience working with QA team to debug deliverables
• Solid organizational skills
• Attention to small details is a MUST

Desirable Security Skills: - (Any of these are a plus):

• Prior experience with Cisco ASA firewalls
• Prior experience with Palo Alto NG Firewall management
• Prior experience with McAfee IPS appliances
• Prior experience with RSA SecureID infrastructure
• Prior experience with AlertLogic Threat Manager management
• Prior experience with AlertLogic Log Manager management
• Prior experience with encryption key management
• Prior experience with VPN configuration, management and security
• Prior experience with IBM AppScan or HP Fortify static code analysis tools

Desirable Software Engineering Skills: - (Any of these are a plus):

• Basic experience with C#
• Ability to read and write SQL
• Prior experience with database driven marketing programs
• Working knowledge of Visual Studio or similar IDE
• Basic HTML skills, ability to hand code websites with complex CSS
• Basic AJAX knowledge
• Able to understand technical guidelines and write code to company standards