Senior Information Security Consultant - WAF Expert


About the role:

We’re looking for an experienced and passionate Senior Consultant, Information Security “WAF Expert” to join our Information Security Services team!

The team’s mission is to predict and prevent incidents by identifying and helping to remediate security threats and weaknesses within DPDHL IT portfolio, emphasizing on applications & services.

Being part of this team, you are required to provide support related to Web Application Firewalls (WAF). Your job is to identify and help with application security policy build and maintenance, WAF infrastructure setup and design & provide expert advice with in regards to WAF related topics.

Your work is essential to prioritize our global defenses and react quickly to an ever changing, dynamic threat landscape. To achieve this, you will be interacting with our business colleagues, our Cyber Defense Center, and our operations teams across the globe, to name a few.

Team introduction:

Information Security Services cooperates with all division under the IT Security, Risk and Compliance Management team to meet business partner's requirements to maintain the confidentiality, integrity and availability of the IT infrastructure and assets. Services provided are but not limited to:
• Vulnerability Assessment
• Penetration Testing
• Threat Intelligence
• WAF Support
• Compliance assessment on ISO readiness and data protection

The team also provides consultation by reviewing existing network and system/software architectures and will recommend best way forward to both strengthening existing security mechanisms and compensating for any inherent security weaknesses. Other than that, the team evaluates and examines raised changes (RFCs) to ensure that all security aspects are taken into consideration before a change is approved.

What you will do:

• Expertise in one or multiple areas such as operating systems, web services, programming languages, network devices, application vulnerabilities and attack vectors
• Exposed to Web Application Vulnerabilities
• Expert knowledge of Web Application Firewall product administration
• Knowledge of web technologies
• Proven ability to understand and analyze highly complex issues, then apply experience and judgment to develop sound recommendations related to application and security event identification and resolution
• Experience in reviewing and analyzing log files and data correlation
• Respond to break-fix & security incident requests for F5 WAF related issues
• Contribute to the design, planning, and implementation of F5 appliances
• Strong researching, writing, and organizational skills
• Strong understanding of networking concepts
• Ability to work independently and as a member of a team
• Represent the Information Security Department on security committees & departmental meetings as deemed appropriate
• High performance skillset which not only understands the threat spaces as it relates to risks, but also able to meet the technical challenge of communicating this out to our stakeholders
• Assist and train junior team members

Application you will use:

• WAF appliances such as F5
• Cloud WAF setups (For example: Akamai cloud WAF)

You should have:

• At least 8 to 10 years of experience with support Web Application Firewalls
• Threat centric understanding and being able to translate the threat into security policies
• Experience in automating recurring tasks by scripting and API utilization
• Communication and time-management skills
• Ability to:
- adapt to dynamic threat landscape in a global environment
- evaluate any impacts from sources of threat intelligence and provide the required recommendations
- work unsupervised, under pressure and meet deadlines
• Creative with strong commitment to quality and excellence
• Educated to degree level in IT Security, Engineering or equivalent
• Strong analytical skills and efficient problem solving
• Fluency in English

Nice to have:
• Certifications like GIAC family, CISSP, CISA, CEH, ECSA, LPT or similar
• F5 WAF related certifications
• Data Analytics

What we offer:

• Great team of IT professionals and possibility of technical development
• Modern offices in Chodov
• Home office possibilities
• Permanent contract
• Company Car, Pension plan contribution, Long-term Sickness Insurance
• CAFETERIA employee benefit program with wide selection of benefits from Edenred
• Extra week of holiday (25 days/year), 6 Self-sickness days/year, Full salary compensation for up to 10 days absence due to illness per calendar year, Lunch vouchers fully covered by company
• Multisport card, mobile and laptop, fruit days, sport clubs for employees, Referral program……

Sounds good? Start your application now!


Miroslav Flaška
Miroslav Flaška
DHL Information Services (Europe) s.r.o.

V DHL ITS jsem zodpovědný za kompletní nábor pro oddělení Solution Delivery,  které zastřešuje například software development, projektový management, technické konzultace nebo systémovou integraci a konfiguraci a za nábor pro oddělení Information Security. Především obsazuji pozice, Architect, Software Engineer, Test Engineer, Project Manager, Consultant a Information Security Engineer.

Víte o někom, kdo by měl o pozici zájem? Sdílejte!