For Recruiters

Senior Cyber Defense Engineer - Web Application and API Protection (WAAP)

CME Group
New York, United States
Posted 2 days ago Permanent Competitive
Senior Cyber Defense Engineer - Web Application and API Protection (WAAP)
Description
Senior Cyber Defense Engineer - Web Application and API Protection (WAAP)

Position Summary
This is a perfect opportunity for the right person to become a key part of a team of cyber security professionals that are executing a pivotal role in protecting and defending the nation's critical infrastructure. The Senior Cyber Defense Engineer will be a member of the Data, Application & Forensic function on the CyberDefense Engineering Team. This role will be responsible for cyber defense capability of web application and API protection technology and processes. Working closely with teammates within CyberDefense, Technology Application Development and Technology Infrastructure & Operations, this engineer will be responsible for the engineering, deployment, maintenance and enhancement of the WAAP infrastructure and content rules.

Position Responsibilities
  • Manage WAF technologies to ensure on-premises web applications as well as cloud hosted web applications are protected from OWASP Top 10 vulnerabilities which includes, but is not limited to, installation, implementation, administration, content creation (rules, reports, dashboards, etc.), and operations support
  • Manage API protection solutions to ensure online web applications are protected from OWASP Top 10 vulnerabilities for APIs as well as focusing on API abuse prevention
  • Performs environment health assessments, capacity planning and performance benchmarks providing operational assurance (operational readiness)
  • Respond to cyber defense incident alerts (CDIA), provide appropriate CDIA reporting, investigate WAAP incidents, perform ITIL Incident \ Problem tracking
  • Responsible for WAAP product lifecycle including, but not limited to, product patches, product upgrades, product redesigns, product end of life, etc.
  • Interface with other Global Information Security (GIS) departments, as well as, other Technology departments and business stakeholders

Position Requirements
  • A minimum of 4 years' engineering experience with WAF and API Security technologies, that include Installation, Implementation, Administration, Content Creation (rules, reports, dashboards, etc.), and operations support
  • Exposure \ knowledge of WAAP technology integration with SIEM technologies
  • Expert knowledge of SSL Inspection, Access Control, Policy Management, TCP\IP layer 3-7 and general networking structures
  • Understanding of Network Firewall technologies and operation.
  • Knowledge of programming languages a plus (i.e. Java, .NET, Python, etc.)
  • Knowledge System hardening concepts and techniques
  • A good understanding of Industry Security standards such as ISO27002, NIST Cyber Security Framework, etc.
  • Previous experience as a Network Administrator \ Network Engineer a plus
  • Operating knowledge of ITIL (ITIL Certification a plus)
#LI-MFE-Recruit
#LI-Hybrid

CME Group: Where Futures Are Made

CME Group (www.cmegroup.com) is the world's leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more.

The Candidate Privacy Policy can be found here.
Job ID  10545063
More jobs From CME Group
CME Group
Senior Cyber Defense Engineer - Web Application and API Protection (WAAP)
CME Group
Chicago, USA
2 days ago Full time Competitive
CME Group
Senior Cyber Defense Engineer - Web Application and API Protection (WAAP)
CME Group
Washington D.C., USA
2 days ago Full time Competitive
CME Group
Senior Cyber Defense Engineer - Web Application and API Protection (WAAP)
CME Group
Houston, USA
2 days ago Full time Competitive
CME Group
Lead Security Engineer, Crypto
CME Group
New York, USA
2 days ago Full time Competitive
CME Group
Senior Cyber Security Engineer - EndPoint Protection
CME Group
Chicago, USA
2 days ago Full time Competitive
CME Group
Lead Security Engineer, Crypto
CME Group
Chicago, USA
2 days ago Full time Competitive
CME Group
Lead Security Engineer, Crypto
CME Group
Washington D.C., USA
2 days ago Full time Competitive
CME Group
Lead Security Engineer, Crypto
CME Group
Houston, USA
2 days ago Full time Competitive
CME Group
Lead Security Engineer, Crypto
CME Group
Houston, USA
2 days ago Full time Competitive
CME Group
Sr. Software Engineer
CME Group
New York, USA
2 days ago Full time Competitive