Security Engineer - Cloud & Web Protection

AllSTEM Connections
Ontario, United States of America
yesterday

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Ontario, United States of America

Tech stack

API
Applications Architecture
User Authentication
Automation of Tests
Cloud Computing
Complex Networks
Computer Security
Continuous Integration
DDoS Mitigation
Python
Network Security
Network Architecture
Network Segmentation
Open Web Application Security
Zero Trust Network Access
Web Application Security
SQL Injection
Web Applications
Transport Layer Security
Software Security
Cyber Threat Analysis
Firewalls (Computer Science)
Cross-Site Scripting (XSS)
Rate Limiting
GIT
Containerization
Kubernetes
Drilldown
REST
Terraform
Devsecops
Security Orchestration, Automation & Response
Web Api

Job description

This is a high-impact role for an engineer who thrives at the intersection of network architecture and application-layer defense. You will not only manage the security platforms but also drive automation and DevSecOps integration, ensuring that as our application architecture evolves, our security posture scales with it. If you are passionate about protecting critical services from sophisticated automated threats, we want to hear from you., Application & Edge Security Edge Protection: Lead the administration of enterprise WAF and CDN platforms. Deploy and tune security policies to defend against OWASP Top 10, API abuse, credential stuffing, and advanced bot threats. API Security: Architect and manage security controls for API endpoints, including rate limiting, schema validation, and traffic anomaly detection. Incident Response: Provide high-level support for web application security incidents. Conduct deep-dive analysis on false positives and tune detection logic to minimize disruption to production traffic.

Network & Cloud Perimeter Infrastructure Security: Administer and support Next-Generation Firewall (NGFW) environments, secure remote access/ZTNA solutions, and complex network routing policies. Network Segmentation: Design and implement robust segmentation and SSL decryption strategies to maintain visibility into encrypted traffic without compromising performance. Operations & On-Call: Participate in an on-call rotation to provide rapid response for production-critical network or application security incidents.

Automation & DevSecOps Security as Code: Develop automation scripts using Python and REST APIs to streamline security workflows. Manage security infrastructure using Terraform and integrate security checks into CI/CD pipelines. Dashboards & Reporting: Build real-time dashboards to provide leadership with visibility into our security posture, threat trends, and remediation metrics.

Requirements

Experience Baseline: 5+ years of combined experience in web application and network security. Technical Mastery: Hands-on experience with enterprise-grade WAF/DDoS mitigation platforms and Next-Generation Firewalls (NGFW). Automation: Demonstrated ability to build security automation with Terraform, Python, and Git. AppSec Core: Strong understanding of authentication attacks, SQLi, XSS, and API-specific vulnerabilities.

Preferred Attributes Experience securing Kubernetes and containerized environments. Experience within a DevSecOps/CI/CD culture, including integrating automated security scanning into development workflows. Industry certifications (e.g., CISSP, GIAC, or vendor-specific security architecture certifications). A "threat-hunting" mindset-the ability to identify patterns in traffic that suggest malicious intent rather than just reacting to alerts.

About the company

For temporary assignments lasting 13 weeks or longer, AllSTEM Connections is pleased to offer major medical, dental, vision, 401k and any statutory sick pay where required. We are committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please contact your staffing representative who will reach out to our HR team. AllSTEM Connections participates in the E-Verify program in certain locations as required by law. Learn more about the E-Verify program. _Participation_Poster_ES.pdf We also consider for employment qualified applicants regardless of criminal histories, consistent with legal requirements, including, if applicable, the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance. Pursuant to applicable state and municipal Fair Chance Laws and Ordinances, we will consider for employment-qualified applicants with arrest and conviction records, including, if applicable, the San Francisco Fair Chance Ordinance. For Los Angeles, CA applicants: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

Apply for this position