Technology Lead

About the role

At Broadridge, we've built a culture where the highest goal is to empower others to accomplish more. If you're passionate about developing your career, while helping others along the way, come join the Broadridge team. Skill Requirements: Technical Skills Bachelor's degree in computer science, Information Technology, Cybersecurity, or a technology-related field. 7+ years of experience in Information Security, Application Security, Network Security, Cloud Security, Infrastructure Security, Security Engineering, or related technology roles. Working knowledge of WAF technologies, implementation approaches, policy configuration, rule tuning, alert review, false-positive handling, and enforcement modes. Strong understanding of DNS concepts, including domains, subdomains, CNAME records, A records, TTL, propagation, routing changes, domain validation, and DNS cutover planning. Good understanding of web application traffic flows, including HTTP/HTTPS, TLS certificates, reverse proxies, load balancers, CDNs, API gateways, origin servers, and ingress/egress routing. Basic understanding of web application security risks, including OWASP Top 10, injection attacks, cross-site scripting, authentication weaknesses, access control issues, malicious bots, and denial-of-service considerations. Basic understanding of cloud services, cloud networking, cloud security concepts, cloud-hosted application architectures, and cloud-native WAF services such as AWS WAF, Azure Web Application Firewall, Google Cloud Armor, or equivalent services. Familiarity with application hosting models, including on-premises, hybrid, cloud-hosted, SaaS, containerized, and API-based environments. Experience supporting security implementation projects involving application, network, infrastructure, cloud, vendor, and business teams. Familiarity with change management, production cutover planning, rollback planning, deployment validation, and post-implementation monitoring. Ability to review technical documentation, architecture diagrams, traffic flows, DNS records, certificates, WAF logs, rule triggers, and implementation evidence. Experience with ServiceNow, Jira, Confluence, SharePoint, or similar workflow, documentation, and tracking platforms. Ability to create implementation trackers, status dashboards, risk logs, cutover plans, test plans, stakeholder updates, and operational documentation. Soft Skills Strong stakeholder and program management skills, with the ability to work as a collaborative team player while coordinating across applications, infrastructure, network, cloud, DNS, security, vendor, and business teams. Excellent verbal and written communication skills, with the ability to clearly explain technical details, risks, blockers, recommendations, and next steps to both technical and non-technical stakeholders. Strong ownership, accountability, and organizational skills to drive multiple WAF implementations in parallel from intake through deployment, validation, and closure. Strong problem-solving and influencing skills, with the ability to identify technical dependencies, manage risks, escalate blockers, and keep cross-functional teams aligned toward implementation milestones. Role and Responsibilities: Drive end-to-end WAF implementation for in-scope applications, websites, APIs, and internet-facing services, including intake, technical discovery, configuration, testing, validation, production cutover, and post-implementation review. Partner with application, infrastructure, network, cloud, DNS, vendor, and Information Security teams to plan and execute WAF onboarding activities. Gather and document key application and environment details, including URLs, domains, subdomains, origin IPs, ports, certificates, traffic patterns, hosting details, ownership, and business criticality. Support DNS and traffic routing activities such as CNAME updates, domain validation, routing changes, cutover planning, rollback planning, and post-change verification. Work with technical teams to understand application architecture, traffic flows, load balancers, CDNs, reverse proxy configurations, cloud hosting models, and related security dependencies. Assist in defining, implementing, testing, and tuning WAF policies, managed rules, custom rules, exclusions, allowlists, blocklists, rate limiting, bot controls, logging, alerting, and enforcement modes. Review WAF alerts, blocked requests, false positives, rule triggers, and traffic patterns during implementation and tuning to ensure effective protection with minimal business impact. Ensure WAF implementations consider application security risks such as OWASP Top 10, authentication flows, APIs, file uploads, business-critical transactions, and user experience impact. Track implementation progress, dependencies, risks, issues, blockers, and completion status across multiple applications or workstreams. Develop and maintain implementation plans, cutover checklists, testing evidence, deployment status, risk s

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at broadridge? Share your experience