Web Application Security Specialist, Dir, P3 at Morgan Stanley

Alpharetta, Georgia, United States -

Full Time

Start Date

Immediate

Expiry Date

06 Feb, 26

Salary

135000.0

Posted On

08 Nov, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Web Application Security, Web Application Firewalls, Akamai, Radware, Imperva, Shape Security, CloudFlare, Incident Management, Problem Management, Root Cause Analysis, Policy Tuning, Data Cleansing, Change Management, Analytical Skills, Communication Skills, Collaboration Skills

Industry

Financial Services

Description

Contribute to the function through complex project tasks and initiatives. Interact regularly with team members and occasionally leadership on a range of topics. Work with and guide global tech functions to onboard internet facing web apps to WAF. Review logs, implement tuning, web blocking etc. for onboarded applications. Mapping of IP addresses / FQDNs to services and applications (BA) Liaising with service owners and / or associated teams to gather relevant application data for WAF migration purposes (BA) Analyzing web behavior and performance to establish acceptable application thresholds (SME) Performing policy tuning in accordance with performance baseline (SME) Transitioning WAF from transparent to enforcement mode (SME) Data cleansing and validation Participate in proof of concepts for new security capabilities. Change management: Prepare, document, implement and verify changes including communicate changes to end-users and other impacted parties. Incident, Problem management: Conduct Root Cause Analysis (RCA), respond to incidents and participate in postmortem analysis. Participate in on-call rotation. At least 4 years' relevant experience in a similar role. Web Network Security, with a focus on Web Application Firewalls/Controls, and their role in layered Defense in Depth Experience with Akamai or equivalent platform(s): Radware, Imperva, Shape Security, CloudFlare, etc Experience with onboarding web services into WAF (Akamai, Shape, etc) platforms and the lifecycle of monitor to mitigation modes Ability to process information, translate into plans and present summaries to stakeholders. Experienced understanding of business line and discipline. Strong analytical and problem solving skills, detail oriented, and well organized Ability to cultivate strong relationships with application owners, demonstrated written and verbal communication skills Periodically assist with vulnerabilities discovered via these platforms Work with relevant teams to implement best web security practices and assist with enhancing the Firm's security posture. Strong collaboration skills across multiple teams will be required. Understanding of ITIL processes Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren't just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There's also ample opportunity to move about the business for those who show passion and grit in their work. To learn more about our offices across the globe, please copy and paste https://www.morganstanley.com/about-us/global-offices into your browser. Salary range for the position $95,000 to $135,000 per year. The successful candidate may be eligible for an annual discretionary incentive compensation award. The successful candidate may be eligible to participate in the relevant business unit's incentive compensation plan, which also may include a discretionary bonus component. Please visit mybenefits.morganstanley.com to learn more about our benefit offerings. Consequently, our recruiting efforts reflect our desire to attract and retain the best and brightest from all talent pools. We want to be the first choice for prospective employees. It is the policy of the Firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, sex stereotype, gender, gender identity or expression, transgender, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy, veteran or military service status, genetic information, or any other characteristic protected by law.

Responsibilities

The Web Application Security Specialist will contribute to complex project tasks and initiatives, guiding global tech functions to onboard internet-facing web applications to WAF. Responsibilities include reviewing logs, implementing tuning, and conducting root cause analysis for incidents.