Lead Operational Engineer - L3 - Web Applications Security

At Emirates, we believe in connecting the world, to and through, our global hub in Dubai and in constantly innovating to ensure our customers ‘Fly Better’. Our Cyber Defence Operations team is looking to urgently hire a dynamic and experienced Lead Operational Engineer- Web Applications Security - L3 to join our team.  

 
Our Lead engineer is expected to lead, investigate and manage complex cybersecurity incidents as well as manage escalations from security operations and investigate intrusions of all anomalous and misuse activities on hosts and networks. Additionally, they manage the critical incidents and provide deep expertise to guide engineers and ensure a robust security posture to protect the organisation. You will also be accountable for threat detection, identification, prevention, and reporting of cyber-attacks.          

What you will do: 

• Manage critical incidents and challenges and be the focal point of contact for major incidents. Coordinate with other departments during critical incidents and drive post-incident reviews and formulate preventive strategies.


• Detect, identify, and respond to possible cyber-attacks, intrusions, anomalous and misuse activities as well as evaluate incident triage activities to ensure optimum incident resolution including the ownership of escalated incidents.


• Analyse network traffic and system data to detect potential threats to resources and provide recommendations for remediation. Conduct analysis that encompasses defining the scope, urgency, and potential impact.


• Perform correlation of security incidents and events to build threat detection and prevention capabilities baseline network traffic and host activity across the enterprise.


• Manage and document the incident throughout its cycle, including tracking and documenting incidents from initial detection through final resolution. Update the knowledge base, preventative controls, and standards operating procedures.


• Executing incident trend analysis, reporting and assessing the impact on data and infrastructure as a result of cyber incidents as well as leading security operations, responding to feedback from internal IT departments, business and audit operational performance against the defined metrics and goals.


• Collaborate with intelligence analysts to correlate threat assessment data and recommend methods to enhance defence capabilities as well as liaising with the content Engineering Team to identify and implement automation and service improvement programs to manage security operations efficiently. 

Specific Knowledge and Skills for the role of Engineer- Web Applications Security - L3

The following are critical skills required to be successful in this role: 

• Designing and deploying complex and scalable WAF architectures, including high availability setups, integration with application delivery controllers (ADCs), and handling geographically distributed applications. 


• Expertise in creating advanced and granular WAF security policies, leveraging WAF capabilities to protect against sophisticated attacks, customizing rules for specific applications, and effectively handling exceptions. 


• Advanced rule optimization to minimize false positives and negatives, ensuring accurate identification and blocking of threats while allowing legitimate traffic, employing custom signatures and behavioural analysis. 


• Integration with threat intelligence feeds and external sources to enhance WAF policies, using real-time threat data to proactively update and strengthen defences against emerging threats. 


• Comprehensive knowledge of web application security vulnerabilities (OWASP Top 10, SANS Top 25) and attack methodologies, enabling effective policy implementation and protection against evolving threats. 


• Leading incident response efforts related to WAF incidents, conducting in-depth forensic analysis, understanding attack vectors, and developing strategies to prevent future occurrences.