Application Security Engineer (IGT1) at IFS NORTH AMERICA INC

Colombo, Western Province, Sri Lanka -

Full Time

Start Date

Immediate

Expiry Date

19 Jun, 26

Salary

0.0

Posted On

21 Mar, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Security Operations, WAF Monitoring, Incident Response, Web Application Firewall, Security Alerts, Web Traffic Analysis, SOC, DevOps, Root Cause Analysis, SIEM, API Abuse, SQL Injection, Cross-Site Scripting, Bot Activity, HTTP, HTTPS

Industry

Software Development

Description

Company Description About IGT1: IGT1 is a rapidly growing offshore technology and talent solutions company based in Port City Colombo. We are a fully owned subsidiary of IGT I Holdings Sweden AB, funded by the three of world’s leading private equity firms; EQT Group, Hg, and TA Associates and also a sister company of IFS. At IGT1, we partner with global businesses to provide them with an operation that maximizes efficiency, spurs growth, allows them to develop and deliver world-class products and services, and creates long-term value. Our people-first culture champions diversity, teamwork, and continuous learning, creating an environment where talent thrives. With a team of over 500 professionals and counting, we are always looking for passionate, skilled individuals who want to make a global impact while being part of something extraordinary. Through our offshore collaboration model, you'll be embedded within the team of one of our esteemed international clients, contributing directly to high-impact, enterprise-level initiatives. About the Client: Kyriba Kyriba is the global leader in cloud-based finance solutions, empowering CFOs and their teams to transform how they activate liquidity as a dynamic, real-time vehicle for growth and value creation. Our award-winning SaaS platform delivers comprehensive treasury, risk management, payments, and supply chain finance capabilities that enable companies to optimize their working capital and enhance financial performance. Job Description About this Role We are seeking an Application Security Engineer with a strong focus on Security Operations and Web Application Firewall (WAF) monitoring. This role is responsible for detecting, analyzing, and responding to application-layer threats by reviewing WAF logs, security alerts, and web traffic patterns. The engineer will work closely with SOC analysts, DevOps, and application teams to strengthen application-layer defenses, investigate suspicious activity, and continuously improve web security controls. Security Monitoring & Incident Response Monitor application security alerts from Web Application Firewalls (WAF) and other security monitoring tools. Investigate suspicious web traffic, attack patterns, and security events. Triage and respond to security incidents related to web applications and APIs. Conduct root cause analysis for application-layer attacks and security alerts. Escalate confirmed incidents to the incident response or security engineering teams. WAF Management Configure, tune, and maintain WAF policies and rules to protect web applications. Analyze WAF logs to identify attack attempts such as SQL injection, cross-site scripting, bot activity, and API abuse. Optimize WAF configurations to reduce false positives and improve detection accuracy. Implement custom rules to mitigate emerging threats and vulnerabilities. Threat Detection & Security Analysis Analyze security events using SIEM and monitoring platforms. Correlate WAF alerts with other security telemetry to identify potential attacks. Identify trends in web attacks and recommend improvements to security controls. Maintain documentation for incidents, WAF rules, and detection strategies. Qualifications Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related technical field (or equivalent experience). 3+ years of experience in cybersecurity, security operations, or application security. Hands-on experience working with Web Application Firewalls (WAF). Experience analyzing security logs, alerts, and threat events. Experience working in a Security Operations Center (SOC) or similar monitoring environment. Understanding of web protocols such as HTTP, HTTPS, REST APIs, and web architectures. Familiarity with SIEM platforms and security monitoring tools. Additional Information We champion flexibility and hybrid work options to support varying lifestyles and personal needs. At the same time, we value the power of in-person collaboration to build community, spark innovation, and strengthen connections. Our approach ensures you can work in ways that suit you best while still engaging with colleagues to share ideas and grow together. #LI-Hybrid #LI-DNP IFS Referral Bonus Code: SH Job Location: On site

How To Apply:

Incase you would like to apply to this job directly from the source, please click here

Responsibilities

This role focuses on monitoring application security alerts from Web Application Firewalls (WAF) and other tools, investigating suspicious web traffic, and triaging security incidents related to web applications and APIs. The engineer will also configure, tune, and maintain WAF policies and rules to protect applications and optimize detection accuracy.