WAF Engineer, Cyber Defense Operations
2 weeks ago
POSITION SUMMARY
The Cyber Defense Operations (CDO) Team is responsible for identifying and managing cyber risks and leading operational remediation projects for both ship and shore. For ships, the focus is to reduce risk to passenger, crew, and RCCL shipboard assets. The goal of the CDO Program is to provide cybersecurity architectural and engineering guidance on projects and strategies driven by shoreside business, marine operations, newbuild, and shipboard IT organizations to appropriately manage operational, regulatory, and safety risks as well as optimizing investments by reducing future remediation efforts.
The CDO WAF Engineer helps drive the execution of the CDO strategy and program initiatives at RCL. The role will partner with subject matter experts, peers and leaders across RCL shore and shipboard lines of business regarding cyber risks.The role will be an individual contributor providing cyber risk management and assurance expertise so that websites supporting RCL environments have been implemented and maintained, adhering to cybersecurity guidelines, and corporate information security standards.This position will assist the CDO manager by establishing WAF security baselines. This position will also help influence Digital, marketing, and sales areas to raise awareness of the cybersecurity website risk and their role in ensuring the overall safety of our brands that ultimately can impact passengers, crew, shoreside systems and maritime IT/OT/ET systems.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Manage and maintain the WAF rulesets for RCL websites
- Publish a default OWASP top 10 WAF policy that all new websites must pass before being published to the Internet
- Responsible for ensuring CDO WAF runbook’s are updated and reviewed annually
- Assist CDO leadership with the development and collection of accurate WAF metrics
- Participate in planned normal call rotations and also 24/7 on-call rotations to resolve critical issues
- Change Management - Ensure that outages & change requests are correctly documented, prioritized, and closed
- Review and understand complex cyber guidelines (NIST) and regulations such as PCI, SOX, BIMCO Cybersecurity Guidelines for Ships, U.S. Coast Guard security requirements, and International Maritime Organization (IMO)
- Contribute with a high degree of self-sufficiency and resourcefulness on individual and departmental performance objectives
- High degree of motivation to maintain technical skills and cybersecurity knowledge relevant by seeking self-development opportunities such as industry certifications, investing time to learn new skills, and networking with peers in the security industry
- Assist with Other CDO platforms that protect IT, and OT maritime cybersecurity technology
- Leverage information security activities and technologies to raise cyber situational awareness and protection
- Actively engage in liaison activities with industry associations, peer institutions, regulatory and contractual agencies/organizations, and IS information-sharing communities
QUALIFICATIONS:
- Bachelor’s degree or equivalent industry experience
- 4+ years of experience in Information Security
- 2+ years of experience with WAF platforms
- Experience managing, monitoring and tuning Web Application Firewalls for critical web applications
- Knowledge of Client Network configurations to ensure applications are configured to appropriately flow through the CDN platform ensuring application traffic flows appropriately to the application origins
- Previous experience using Burp Suite is a plus
- Demonstrated ability to perform independent analysis of complex problems
- Broad IT knowledge, including hardware, virtualization, networking, architecture, common protocols, files systems and operating systems
- An ability to communicate complex technical issues to English-speakers from many cultures
- Must have competent verbal and written communication abilities; interpersonal collaborative skills; and the ability to communicate IS and risk-related concepts to technical and non-technical audiences
- Ability to learn methodologies, tools, best practices and processes within specific areas of responsibility
- Decision-making, reporting, communication, and skills
- Prior experience with CMDB, Proxy, firewalls, or EDR systems is a plus
- Industry certifications are a plus
Knowledge and Skills:
- Demonstrates organizational skills and time management
- Ability to manage multiple tasks / projects while ensuring deadlines are met
- Displays sound judgment with a high level of integrity, ethics and ability to calmly, diplomatically and effectively deal with stressful situations
- Able to formulate, communicate exceptions/findings and technical solutions
- Demonstrate a degree of creativity with adept analytical and problem solving skills
- Ability to identify remediation activities based on risk to the overall enterprise
- May require travel (domestic and international) to perform shipboard cybersecurity work.
- May require working United States business hours
- Position is based in Manila, Philippines
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr-
WAF Engineer, Cyber Defense Operations
2 weeks ago
Brossard, QC, Canada Royal Caribbean Group Full timePOSITION SUMMARY The Cyber Defense Operations (CDO) Team is responsible for identifying and managing cyber risks and leading operational remediation projects for both ship and shore. For ships, the focus is to reduce risk to passenger, crew, and RCCL shipboard assets. The goal of the CDO Program is to provide cybersecurity architectural and engineering...
-
Cyber Defense Operations Senior Engineer
3 weeks ago
Brossard, Canada Royal Caribbean Group Full timeCyber Defense Operations Senior EngineerThe Cyber Defense Operations (CDO) Team is responsible for identifying and managing cyber risks and leading operational remediation projects for both ship and shore. For ships, the focus is to reduce risk to passenger, crew, and RCCL shipboard assets. The goal of the CDO Program is to provide cybersecurity...
-
Cyber Defense Operations Senior Engineer
2 weeks ago
Brossard, Canada Royal Caribbean Group Full timeCyber Defense Operations Senior EngineerThe Cyber Defense Operations (CDO) Team is responsible for identifying and managing cyber risks and leading operational remediation projects for both ship and shore. For ships, the focus is to reduce risk to passenger, crew, and RCCL shipboard assets. The goal of the CDO Program is to provide cybersecurity...
-
Cyber Defense Operations Senior Engineer
2 weeks ago
Brossard, Canada Royal Caribbean Group Full timeCyber Defense Operations Senior EngineerThe Cyber Defense Operations (CDO) Team is responsible for identifying and managing cyber risks and leading operational remediation projects for both ship and shore. For ships, the focus is to reduce risk to passenger, crew, and RCCL shipboard assets. The goal of the CDO Program is to provide cybersecurity...
-
Cyber Defense Operations Senior Engineer
2 weeks ago
Brossard, QC, Canada Royal Caribbean Group Full timeCyber Defense Operations Senior Engineer The Cyber Defense Operations (CDO) Team is responsible for identifying and managing cyber risks and leading operational remediation projects for both ship and shore. For ships, the focus is to reduce risk to passenger, crew, and RCCL shipboard assets. The goal of the CDO Program is to provide cybersecurity...
-
Cloud Security Research Engineer, Philippines
3 weeks ago
Brossard, Canada Horangi Cyber Security Full timeCloud Security Research Engineer, Philippines Horangi Cyber Security Leading cyber security firm in Asia, offering advanced cyber security products and services, including consulting. We specialize in equipping businesses with robust security solutions and expert guidance to navigate the digital landscape... View company page Horangi – A Bitdefender...
-
Cloud Security Research Engineer, Philippines
2 weeks ago
Brossard, Canada Horangi Cyber Security Full timeCloud Security Research Engineer, Philippines Horangi Cyber Security Leading cyber security firm in Asia, offering advanced cyber security products and services, including consulting. We specialize in equipping businesses with robust security solutions and expert guidance to navigate the digital landscape... View company page Horangi – A Bitdefender...
-
Cloud Security Research Engineer, Philippines
2 weeks ago
Brossard, Canada Horangi Cyber Security Full timeCloud Security Research Engineer, Philippines Horangi Cyber Security Leading cyber security firm in Asia, offering advanced cyber security products and services, including consulting. We specialize in equipping businesses with robust security solutions and expert guidance to navigate the digital landscape... View company page Horangi – A Bitdefender...
-
Cloud Security Research Engineer, Philippines
2 weeks ago
Brossard, QC, Canada Horangi Cyber Security Full timeCloud Security Research Engineer, Philippines Horangi Cyber Security Leading cyber security firm in Asia, offering advanced cyber security products and services, including consulting. We specialize in equipping businesses with robust security solutions and expert guidance to navigate the digital landscape... View company page Horangi – A Bitdefender...
-
Cyber Security Incident Response Lead
3 weeks ago
Brossard, Canada Cogeco Full timeCogeco Cogeco offers ultrafast and reliable Internet, flexible TV, and Home phone services backed by our fibre-powered network. View company page Our culture lifts you up—there is no ego in the way. Our common purpose? We all want to win for our customers. We aim to always be evolving, dynamic, and ambitious. We believe in the power of genuine...
-
Cyber Security Incident Response Lead
2 weeks ago
Brossard, Canada Cogeco Full timeCogeco Cogeco offers ultrafast and reliable Internet, flexible TV, and Home phone services backed by our fibre-powered network. View company page Our culture lifts you up—there is no ego in the way. Our common purpose? We all want to win for our customers. We aim to always be evolving, dynamic, and ambitious. We believe in the power of genuine...
-
Cyber Security Incident Response Lead
2 weeks ago
Brossard, Canada Cogeco Full timeCogeco Cogeco offers ultrafast and reliable Internet, flexible TV, and Home phone services backed by our fibre-powered network. View company page Our culture lifts you up—there is no ego in the way. Our common purpose? We all want to win for our customers. We aim to always be evolving, dynamic, and ambitious. We believe in the power of genuine...
-
Senior Cyber Security Advisor
3 weeks ago
Brossard, Canada Teck Resources Full timeTeck Resources Teck is Canada's largest diversified mining company and is committed to responsible development. It has major business units focused on copper, metallurgical coal, zinc, gold and energy. Shares are listed on the TSX under the symbols TECK.A and... View company page As Canada’s largest diversified mining company, Teck is committed to...
-
Senior Cyber Security Advisor
2 weeks ago
Brossard, Canada Teck Resources Full timeTeck Resources Teck is Canada's largest diversified mining company and is committed to responsible development. It has major business units focused on copper, metallurgical coal, zinc, gold and energy. Shares are listed on the TSX under the symbols TECK.A and... View company page As Canada’s largest diversified mining company, Teck is committed to...
-
Senior Cyber Security Advisor
2 weeks ago
Brossard, Canada Teck Resources Full timeTeck Resources Teck is Canada's largest diversified mining company and is committed to responsible development. It has major business units focused on copper, metallurgical coal, zinc, gold and energy. Shares are listed on the TSX under the symbols TECK.A and... View company page As Canada’s largest diversified mining company, Teck is committed to...
-
Cyber Controls Assurance Analyst
3 weeks ago
Brossard, Canada Cadence Design Systems Full timeJob SummaryTo provide Information Security expertise within RBC. To use this expertise in Internal consulting and representation with the objective of optimum protection of all RBC Information assets. Applies experience and seasoned knowledge, skills, and practices to perform a variety of assignments.Job DescriptionWhat is the Opportunity?As a Cyber Control...
-
Cyber Controls Assurance Analyst
2 weeks ago
Brossard, Canada Cadence Design Systems Full timeJob SummaryTo provide Information Security expertise within RBC. To use this expertise in Internal consulting and representation with the objective of optimum protection of all RBC Information assets. Applies experience and seasoned knowledge, skills, and practices to perform a variety of assignments.Job DescriptionWhat is the Opportunity?As a Cyber Control...
-
Cyber Controls Assurance Analyst
2 weeks ago
Brossard, Canada Cadence Design Systems Full timeJob SummaryTo provide Information Security expertise within RBC. To use this expertise in Internal consulting and representation with the objective of optimum protection of all RBC Information assets. Applies experience and seasoned knowledge, skills, and practices to perform a variety of assignments.Job DescriptionWhat is the Opportunity?As a Cyber Control...
-
Senior Cyber Intelligence Analyst
3 weeks ago
Brossard, Canada Clarivate Full timeClarivate Clarivate is a global leader in providing trusted insights and analytics. Our vision is to improve the way the world creates, protects, and advances innovation. View company page RBC Cyber Intelligence Group (CIG) is seeking a Senior Cyber Intelligence Analyst with demonstrated competence and drive to contribute toward the success of RBC’s...
-
Senior Cyber Intelligence Analyst
2 weeks ago
Brossard, Canada Clarivate Full timeClarivate Clarivate is a global leader in providing trusted insights and analytics. Our vision is to improve the way the world creates, protects, and advances innovation. View company page RBC Cyber Intelligence Group (CIG) is seeking a Senior Cyber Intelligence Analyst with demonstrated competence and drive to contribute toward the success of RBC’s...
