Senior IT Security Analyst WAF

Requirements

• Required:
• 6 +years of experience in Information Security, Network Security Operations, or Cybersecurity.
• Proven expertise administering and supporting enterprise WAF platforms.
• Hands-on experience with Imperva WAF or similar WAF technologies.
• Strong understanding of web application security concepts, including OWASP Top 10 vulnerabilities.
• Experience onboarding applications and tuning WAF policies in enterprise environments.
• Strong knowledge of HTTP/HTTPS protocols, SSL/TLS, reverse proxies, and load balancing concepts.
• Experience managing and troubleshooting DNS records, including CNAME and TXT records.
• Familiarity with Content Delivery Networks (CDNs) and web application delivery architectures.
• Experience working in mid-to-large enterprise environments.
• Strong troubleshooting skills and experience with ServiceNow or similar ticketing systems.
• Ability to write and maintain clear Standard Operating Procedures (SOPs).
• Experience supporting compliance and audit initiatives (e.g., SOX, NIST CSF, PCI DSS).
• Ability to collaborate effectively with cross-functional teams and vendors.
• Ability to work in a 24/7 operational environment.
• Preferred:
• Bachelor's degree in information technology, Cybersecurity, Computer Science, or a related discipline.
• Experience with Email Security platforms such as Check Point Harmony, Proofpoint, Mimecast, or Microsoft Defender for Office 365.
• Experience with certificate lifecycle management platforms such as Key factor or Venafi.
• Familiarity with Microsoft PKI environments and external Certificate Authorities.
• Experience supporting cloud-based application security solutions in Azure and/or AWS.
• Experience with ServiceNow ITSM processes and workflow automation.
• Certifications:
• Imperva Certified Security Professional (ICSP) or equivalent WAF certification.
• Check Point Certified Security Administrator (CCSA) or Check Point Harmony certifications.
• Microsoft Certified: Security Operations Analyst Associate (SC-200).
• Microsoft Certified: Azure Security Engineer Associate (AZ-500).
• CompTIA Security+.
• Shift Timing:
• Work hours may vary, and the position may require availability during off-business hours as dictated by project needs, system changes, or security events.
• How We Work:
• We are a purpose driven company aiming to empower generations to explore the wonder of childhood and reach their full potential. We live up to our purpose employing the following behaviors:
• We collaborate: Being a part of Mattel means being part of one team with shared values and common goals. Every person counts and working closely together always brings better results. Partnership is our process and our collective capabilities is our superpower.
• We innovate: At Mattel we always aim to find new and better ways to create innovative products and experiences. No matter where you work in the organization, you can always make a difference and have real impact. We welcome new ideas and value new initiatives that challenge conventional thinking.
• We execute:

Additional Information

We are seeking an experienced Senior IT Security Analyst to join our IT Security team. This role is primarily responsible for administering and supporting enterprise Web Application Firewall (WAF) platforms to ensure the security, availability, and performance of externally facing web applications. The ideal candidate will have strong hands-on experience with WAF technologies such as Imperva WAF , web application security controls, traffic analysis, and DNS management. Experience with Email Security and Public Key Infrastructure (PKI) technologies is considered a plus. Roles and Responsibilities Web Application Firewall (WAF) Administer and support enterprise WAF platforms, primarily Imperva WAF. Onboard and offboard websites and applications to the WAF environment. Create, update, and tune WAF policies, rules, and security controls to ensure application availability and protection. Monitor and investigate WAF alerts, events, and application-layer attacks. Troubleshoot web application issues related to WAF configurations and traffic management. Work closely with application, infrastructure, network, and DNS teams to support secure application deployments. Manage and troubleshoot DNS records, CNAMEs, SSL/TLS certificates, and related web application dependencies. Support integrations with Content Delivery Networks (CDNs) and cloud-based application protection services. Develop and maintain operational documentation, technical procedures, and Standard Operating Procedures (SOPs). Participate in incident response, problem management, and change management activities related to web application security.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Mattelinc? Share your experience