Join TriumphX! TriumphX, a member of the Triumph Financial portfolio of brands, provides a concentration of technology and project management resources the members of the Triumph Financial portfolio of brands – TriumphPay, Triumph and TBK Bank – via a shared service model. We’re looking for top tech and project management talent to analyze, recommend and build strategic solutions that support Triumph Financial’s mission to become a world-class, market-leading financial and technology company. This is a networking requisition and not a job opening. We are in the process of networking for anticipated future job openings. Position Summary The web application firewall analyst provides advanced, hands-on representation of the cybersecurity defense team. Candidates for this technical role must possess a solid understanding of information security and should have held positions in cybersecurity and systems administration. The role also requires an understanding of business and governance processes. Web application firewall (WAF) analyst analysts accept primary responsibility for the overall management lifecycle of the program. Web application firewall analysts should understand that legacy and present-day systems and applications may have weaknesses that can be exploited by external threat actors and potentially lead to a breach. The position must collaborate with others on the team for remediation and additional validation, as well as contribute to other collaborative approaches driven by the security team strategy. Web application firewall analysts oversee the strategic initiatives for short- as well as long-term plans to identify and reduce the attack surface across applications and systems. Use of automated tools to identify, assess and report is expected, with emphasis placed on effective communication to constituents relying on applications and systems that support their business. Essential Duties & Responsibilities Create, deploy, maintain and troubleshoot Web Application Firewalls (WAF) policies for new and existing web applications. Review vulnerabilities that impact web applications and develop WAF “Virtual Patching” solutions. Monitor and analyze activity logs to detect malicious internet traffic and indicators of compromise as well as to reduce false positive blocks. Review WAF usage and define means to improve and mature protection policies. Understand web applications at a sufficient level to work with developers to implement protective controls that may need to be customized for specific applications. Interpret web protocol information to determine source, intent, and risk of threat agents. Provide preventative maintenance, troubleshooting and quickly resolve problems to ensure infrastructure and application stability. Participate in technical design activities to ensure a sound design and any infrastructure impact is understood. Create and maintain technical documentation regarding the WAF including network diagrams, policies and operational procedures for managing the infrastructure. Work closely with Development, QA, DevOPS, Operations, InfoSec, and design engineers to ensure security requirements are met and web-applications are adequately protected from cyber-attacks. Review vulnerability and application scan output and assess where WAF configuration can be used to mitigate attacks. Awareness of mainstream operating systems and a wide range of security technologies including network firewall, IPS, and web proxy. Work as a team to consistently learn and share advanced skills and foster team excellence. Support internal and external auditors in their duties that focus on compliance and risk reduction. Collaborate with security groups such as red teams, threat intelligence and risk management to form a holistic team dedicated to thwarting attackers and reducing attack surface. Periodically attend and participate in change management policy discussions and meetings. Define key performance indicators (KPIs) and metrics across business units to illustrate effectiveness with WAF controls. Understand breach and attack simulation solutions for known vulnerabilities and work with the team to validate controls effectiveness. Liaise with the security engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities. Perform other duties as assigned. Experience & Education Understanding of Windows and *nix operating systems, endpoint applications, networking protocols and devices. Preferably some experience with implementing security solutions across Amazon Web Services (AWS), Microsoft Azure or Google Cloud Platform (GCP). Ability to obtain and maintain technical team and business support to influence a collaborative effort to reduce attack surface. Knowledge of one or more compliance standards, including Payment Card Industry (PCI), Health Information Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), National Institute of Standards (NIST) or International Standards Organization (ISO). Capable of scripting in Python, Bash, Perl or PowerShell. Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle. Bachelor’s degree in Information Security, Information Systems, Computer Science, or equivalent work experience. At least 3-5+ years’ experience in managing and deploying web application firewalls, application security, or information security administration. Proficient with cloud WAF solutions such as F5, Imperva, AWS, etc. Preferably, one or more of the following certifications: CSSLP, CASE, GWEB, CISSP or CRISC. Experience with infrastructure-as-code (IAC) tools like Terraform, Ansible, Cloud Formation, etc. is preferred Skills & Abilities Required Strong interpersonal skills. Quality written, oral, and presentation skills to communicate business risk and remediation requirements from assessments. Analytical and problem-solving mindset with an attention to detail. Ability to function with supervision from other analysts. Commitment to operational excellence and continuous process improvement. Willingness to expand security knowledge, skills, and abilities to achieve department initiatives. Self-starter requiring minimal supervision. Highly organized and efficient. Demonstrated strategic and tactical thinking, along with decision-making skills and business acumen. Information Security Web Application Firewall Analyst should have a working knowledge of: Web Application Firewalls TLS and certificate management Infrastructure-as-Code (IAC) On-call network troubleshooting Network Security Network protocols Threat management and response Role and attribute-based access controls (RBAC and ABAC) System administration Foundational routing, switching, segmentation Vulnerability scanners Log analysis Virtual Private Networks (VPN) Security Information and Event Monitoring Tools (SIEM) Competencies To perform the job successfully, an individual should demonstrate the following competencies: Problem Solving – Identifies and resolves problems in a timely manner; Gathers and analyzes information skillfully; Develops alternative solutions. Technical Skills – Pursues training and development opportunities; Strives to continuously build knowledge and skills; Shares expertise with others. Quality Management – Looks for ways to improve and promote quality; Demonstrates accuracy and thoroughness. Organizational Support – Follows policies and procedures; Completes administrative tasks correctly and on time; Supports organization’s goals and values; Benefits organization through outside activities; Supports affirmative action and respects diversity. Quality – Demonstrates accuracy and thoroughness; Looks for ways to improve and promote quality; Applies feedback to improve performance; Monitors own work to ensure quality. Adaptability – Changes the approach or method to best fit the situation. Work Environment The work environment characteristics described here maybe encountered while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Moderate noise (i.e., business office with computers, phone, and printers, light traffic). Ability to work in a confined area. Ability to sit at a computer terminal for an extended period. Occasional stooping or kneeling may be necessary. While performing the duties of this job, the employee is regularly required to stand, sit, talk, hear and use hands and fingers to operate a computer keyboard and telephone. Specific vision abilities are required by this job due to computer work. Light to moderate lifting is required. Occasional travel is required. ***Location: Dallas, TX or Remote – U.S. excluding the following states: AK, CT, DE, ID, IN, MD, MA, MS, MT, NE, NC, ND, RI, SD, VT, WA, WV, WY***
#LI-JH1 Triumph Financial, Inc. and its subsidiaries reserve the right to modify this job description at any time, with or without notice. This job description in no way implies that these are the only duties, to be performed by the employee occupying this position. This job description is not an employment contract, implied or otherwise. Equal Employment Opportunity Statement: Triumph Financial, Inc., and its subsidiaries, provide equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, genetic information, marital status, or status as a covered veteran in accordance with applicable federal, state, and local laws. We offer Medical, Dental, Vision, Paid Time Off, 401k and much more. Go on. Do it. Apply Today!
Key Performance Indicators (KPIs) change-management case Infrastructure as Code (IaC) MITRE ATT&CK network-security Terraform Intrusion Prevention System (IPS) RBAC Certified Information Systems Security Professional (CISSP) Information security Certificate management Perl Security abac waf SDLC Network Routing Network Switches Python powershell SIEM network-protocols Segmentation VPN Common Vulnerability Scoring System (CVSS) OWASP ssl DevOps web-application-firewall System administration risk management amazon-cloudformation metrics Bash log-analysis Ansible