North · 12 hours ago
Application Security Engineer - WAF Focus
United States
Full-time
Remote
Mid, Senior Level
$110K/yr - $140K/yr
5+ years expNorth American Bancard is an end-to-end payment solutions company dedicated to helping entrepreneurs grow their businesses. They are seeking an Application Security Engineer with a focus on Web Application Firewalls to design, deploy, and manage WAF solutions while leading incident response efforts and collaborating with cross-functional teams to enhance security measures.
AccountingCredit CardsFinancial ServicesMobile PaymentsPayments
No H1B
Responsibilities
Design, deploy, and manage WAF solutions for on-premise and cloud-based platforms
Develop and fine-tune WAF policies, rules, and signatures to mitigate known threats and application abuses as well as emerging threats
Lead incident response efforts for web application and network attacks, including root cause analysis and remediation
Monitor and analyze inbound web traffic to identify and respond to suspicious activities, ensuring real-time threat mitigation
Collaborate with cross functional teams to integrate WAF solutions into CI/CD pipelines and application architectures and focus on maturing WAF protections
Maintain and optimize WAF configurations to balance security, performance, and user experience and enable process optimization and automation
Be involved in regular security assessments, vulnerability scans, and penetration testing to identify gaps in WAF protection
Maintain a close working relation with the Application Development team to ensure optimal protections are used for all new application releases
Ensure adequate testing and validation and has been performed for all protections and mitigations before rollout
Mentor team members and provide guidance on WAF best practices and troubleshooting
Stay current with emerging threats, vulnerabilities, and industry best practices to enhance WAF strategies
Document WAF infrastructure, create and maintain design diagrams, configurations, policies, and incident reports to ensure compliance with regulatory requirements
Ensure an always on application delivery model by providing quick response and reaction to incidents and critical activities when needed
Participate in on-call rotations to support 24/7 operations as needed
Ensure application security practices and solution operations align with regulatory standards such as PCI-DSS, NIST
Qualification
Required
Bachelor's degree in Computer Science, Information Security, Cybersecurity, or relevant equivalent experience
5+ years of experience in cybersecurity with a focus on Web Application Firewalls
3+ years of hands-on experience managing both on-premise WAF solutions and cloud-based WAF platforms
Experience with application security testing, application security abuse cases, emerging threats, particularities of threats against payment and financial applications
Experience with data analysis and SIEM tools (e.g., Grafana/Opensearch/CS NextGen SIEM) for log analysis and monitoring
Experience with cloud platforms (AWS, Azure, GCP) and their native security tools
Deep knowledge of web application vulnerabilities and mitigation techniques
Strong networking fundamentals and familiarity with network protocols (HTTP/HTTPS, TCP/IP, DNS) and web technologies (HTML, JavaScript, APIs)
Comfortable with using terminals, scripting and automation for WAF automation use-cases
Familiarity with DevOps tools (e.g., Docker, Kubernetes, Terraform, git) and CI/CD pipelines
Benefits
Medical, Dental, & Vision Coverage
Flexible Paid Time Off
401(k) + Match
Mental Health Support & Well-Being Program
Paid Maternity & Paternity Leave
Education Assistance
Company-funded Lifestyle Spending Account
Company
North
North provides payment processing solutions such as credit, debit, check conversion, guarantee and loyalty card solutions.
1001-5000 employees
Funding
Current Stage
Late StageLeadership Team
Marc Gardner
Founder, President & CEO
Gordon Rimac
CTO
Recent News
PR Newswire
2025-12-02
2025-10-15
Company data provided by crunchbase