Application Security Engineer- WAF Focus

North- Must be in Eastern Time Zone

What you'll be doing:

• Design, deploy, and manage WAF solutions for on-premise and cloud-based platforms

• Develop and fine-tune WAF policies, rules, and signatures to mitigate known threats and application abuses as well as emerging threats.

• Lead incident response efforts for web application and network attacks, including root cause analysis and remediation.

• Monitor and analyze inbound web traffic to identify and respond to suspicious activities, ensuring real-time threat mitigation.

• Collaborate with cross functional teams to integrate WAF solutions into CI/CD pipelines and application architectures and focus on maturing WAF protections.

• Maintain and optimize WAF configurations to balance security, performance, and user experience and enable process optimization and automation.

• Be involved in regular security assessments, vulnerability scans, and penetration testing to identify gaps in WAF protection.

• Maintain a close working relation with the Application Development team to ensure optimal protections are used for all new application releases. 

• Ensure adequate testing and validation and has been performed for all protections and mitigations before rollout. 

• Mentor team members and provide guidance on WAF best practices and troubleshooting

• Stay current with emerging threats, vulnerabilities, and industry best practices to enhance WAF strategies.

• Document WAF infrastructure, create and maintain design diagrams, configurations, policies, and incident reports to ensure compliance with regulatory requirements.

• Ensure an always on application delivery model by providing quick response and reaction to incidents and critical activities when needed.

• Participate in on-call rotations to support 24/7 operations as needed.

• Ensure application security practices and solution operations align with regulatory standards such as PCI-DSS, NIST

What we need from you:

• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or relevant equivalent experience.

• 5+ years of experience in cybersecurity with a focus on Web Application Firewalls

• 3+ years of hands-on experience managing both on-premise WAF solutions and cloud-based WAF platforms

• Experience with application security testing, application security abuse cases, emerging threats, particularities of threats against payment and financial applications.

• Experience with data analysis and SIEM tools (e.g., Grafana/Opensearch/CS NextGen SIEM) for log analysis and monitoring.

• Experience with cloud platforms (AWS, Azure, GCP) and their native security tools

• Deep knowledge of web application vulnerabilities and mitigation techniques.

• Strong networking fundamentals and familiarity with network protocols (HTTP/HTTPS, TCP/IP, DNS) and web technologies (HTML, JavaScript, APIs).

• Comfortable with using terminals, scripting and automation for WAF automation use-cases.

• Familiarity with DevOps tools (e.g., Docker, Kubernetes, Terraform, git) and CI/CD pipelines.

Salary Range: $110,000- $140,000

Pay within this range varies by work location and on job-related knowledge, skills, and experience. We look forward to discussing your salary expectations and our full total rewards offerings throughout the interview process.

What we offer: 

We offer a comprehensive benefits package that enables our teams to live a life well lived, both personally and professionally. Some of our perks include:

• Medical, Dental, & Vision Coverage

• Flexible Paid Time Off

• 401(k) + Match

• Mental Health Support & Well-Being Program

• Paid Maternity & Paternity Leave

• Education Assistance

• Company-funded Lifestyle Spending Account

Please note: North is a US based company and this role is not eligible for current or future sponsorship.

Let’s go North, together. 

Join our mission to build the largest suite of credit card processing and merchant services. It’s one simple payment platform backed by the most diverse payment companies. From credit card processing to back-office management, North points the way to smarter, faster, and just plain better payment solutions.

Who we are: 

North, and our family of companies, are committed to helping entrepreneurs grow their businesses. As an end-to-end payment solutions company, we provide everything business owners need to get paid, whether they serve customers in a physical storefront, online, or both. We pride ourselves on being large enough to offer customized solutions to our enterprise-level clients while remaining agile enough to take an award-winning, hands-on approach to personal service that our merchants won’t find anywhere else.

Let’s go North, together! Our most important resource is our people. Join our diverse team of innovators and do-ers and make your mark on the future of payments technology. We're proud to offer benefits that help our team members further their overall well-being through unique initiatives that are both personally and professionally fulfilling. 

At North, we celebrate diversity and create an inclusive environment for everyone. We are an equal opportunity employer.

To learn more about North, and our family of companies, visit our website: north.com