- We are considered a Dev Sec Ops department.
- There’s a heavy emphasis on using opensource tools/libraries to build the tools we need to automate all sorts of work
- Protect the Client Enterprise stack from external threats to internal VIPs/Infrastructure
- Engage in industry-leading bot mitigation techniques, deep traffic analysis, and
- threat modeling.
- Build and utilize partnerships across multiple internal organizations with product and engineering teams to imagine, design, and implement edge and downstack solutions for bot mitigation and identity protection
- Develop counter strategies for malicious scanners & credential stuffing.
- Develop operational tooling and automation against APIs for WAF configuration changes, edge and origin bot-mitigation, anti-fraud measures, and load-shedding to protect critical infrastructure and sensitive external-facing endpoints.
- Ideate novel and clever solutions for detecting/mitigating emerging bot-related threat vectors.
- Respond to production incidents, partnering with Operations/ERC/Engineering teams to mitigate bot and other related malicious traffic at the edge.
- A burning desire to learn and do more in the edge security space with bot mitigation techniques and anti-fraud efforts at scale.
- Ambition and motivation to stay current and on the cutting edge of the evolving landscape of bot techniques and online fraud.
- 10-20 hours a week initially but will taper off once they are more familiar with our platform and needs
What are the top five skills and number of years of experience required to perform this job?
- 5 or more years experience and demonstrated proficiency with working from GNU shell environments (git, curl, jq/yq, sed/awk/grep parsing, pipes and redirection, ssh/scp/rsync, openssl, gpg)
- scripting languages (shell/bash, ruby, javascript, python)
- WAF technologies (Akamai, AWS Cloudfront, Azure Application Gateway, Fastly, Citrix, F5, Imperva, Barracuda, ModSecurity, Snort, Owasp)
- Logging/monitoring platforms for analysis (Splunk, ELK/Kibana, Dynatrace, Akamai Luna Security Center, Graphite/Grafana)
- Deep understanding of web technologies (REST, CORS, CDN Caching and delivery config, Cloud ELB tiers and scaling, TCP/IP, AJAX, Certs, Ciphers)
- 2 or more years of experience with Utilizing anti-fraud/anti-bot solutions (Shape Security, Threatmetrix, Datadome, PerimeterX, CAPTCHA, Incapsula, Akamai Botman, Cloudflare Bot Management)
- CDN WAF and bot mitigation edge technologies.
- Additional programming languages (perl, java/groovy, Go, Rust)
- Web automation (casperjs, phantomjs, nodejs - puppeteer/chrome-headless)
- Developing tooling against CDN APIs.
- Yes
Horizontal is proud to be an Equal Opportunity and Affirmative Action Employer. We seek to provide employment opportunities to talented, qualified candidates regardless of race, color, sex/gender including gender identity and/or expression, national origin, religion, sexual orientation, disability, marital status, citizen status, veteran status, or any other protected classification under federal, state or local law.
In addition, Horizontal will provide reasonable accommodations for qualified individuals with disabilities. If you need to request a reasonable accommodation in order to complete the application or interview process, please contact hr@horizontal.com.
All applicants applying must be legally authorized to work in the country of employment.
Success!
You have saved your first job! To see all your Saved Jobs, click here. Or continue scrolling through jobs and bookmark openings that catch your eye and apply for those jobs later.
We’re sorry!
There are currently no open positions in your location or accepting applications from out of the country
Return to Home