What We'll Bring:
At TransUnion, we have a welcoming and energetic environment that encourages collaboration and innovation - we're consistently exploring new technologies and tools to be agile. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering their genius.
Come be a part of our Information Security team - you'll work with great people, pioneering products and cutting-edge technology. As a Network Security Engineer at TransUnion, you will be a part of our Network Security team to implement & improve WAF security posture which is key to meeting and providing the robust security for web based applications. You will have opportunity to contribute to technology modernization by moving network visibility tools to a variety of cloud solutions like AWS, Azure, Google Cloud and alike. This is a great opportunity to leverage your programming experience in security domain.
What You'll Bring:
Job Description

• Lead global architecture and deployment of Web Application Firewalls (WAF) working in close conjunction with security architecture, vendors and internal stakeholders.
• Develop, maintain, test and troubleshoot WAF policies and rule sets globally. Monitors systems activities and fine tunes system parameters and configuration to optimize performance and ensure security of systems.
• Respond to WAF events and develop incident response plans.
• Perform hardware capacity planning, review and respond to WAF alerts, onboard new apps to WAF, optimize policies, lead/conduct upgrades, integrate with monitoring/alerting tools and troubleshoot issues.
• Act as an escalation point for the WAF team to assist and advice on issues associated with WAF. Provide Tier 3 engineering support as needed.
• Agile project planning & delivery.

Required Skills:

• Strong understanding of on premise and cloud based Web Application Firewall Technologies. Extensive experience in CloudFlare technology & global implementation.
• Experience with security programming using REST API's and automation & scripting using PERL, Python, Ruby or Ansible.
• Strong DevOps experience & Cloud certification (AWS, Azure)
• Ability to improve effectiveness in incident response practices. Be a champion of continuous improvement initiatives.
• Install and tests new hardware and software releases. Evaluate and install patches, perform system upgrades and resolves security issues.
• Knowledge of information security concepts, OWASP web application vulnerabilities and web-based attacks.
• Good understanding of Linux or Cent OS command structure and experience creating shell scripts.
• In-depth understanding of communication protocols (mainly TCP/IP) and routing protocols (e.g. BGP, OSPF). Expertize in networking firewall concepts and configuration
• Knowledge and ability to support infrastructure, cloud security engineering & automation initiatives.
• Strong background in implementing and maintaining event management best practices.
• Ability to ensure the adoption and governance of standard operating procedures.
• Able to conduct research and support development of information security policies, standards, procedures, and/or guidelines.
• Good working knowledge of information security risk identification, assessment and reporting activities.
• Support business continuity risk management and disaster recovery planning activities.
• Adept at security monitoring, and investigation activities.
• Provider tier 3 support as needed.
• Ability to demonstrate technical knowledge and consultative skills. Strong communication skills.
• Bachelor's degree in Computer Science or Information Technology.

We'd Love to See:

• 5+ years of networking experience, including configuring, analyzing & troubleshooting complex TCP/IP networks.
• 2+ years of working in a Security Operations Center (SOC).
• 2+ years of tier 3 network & WAF support experience.
• 2+ years of experience working on projects with agile methodologies.
• 2+ years of experience with cloud technologies like AWS, Azure, Google Cloud Platform.
• Experience with cloud automation in security domain.

Impact You'll Make:

• In the first 90 days - Ramp up to project specifics and contribute to new WAF deployments and troubleshooting issues by closely with technical leads. Participate in solution architecture to move WAF tools to the cloud.
• Beyond 90 days - Effectively perform WAF deployments independently across TU regions with support from local resources. Participate in Tier 3 support activities and BAU as needed.
• Provide technical leadership and mentoring to junior engineers

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.

TransUnion's Internal Job Title:
Lead Engineer, Information Security