Shire Jobs

REQ-25655

Are you inspired by “what’s next”? So are we.

When you join the Albemarle team, you contribute to a better tomorrow. You will play a role in powering many of the world’s largest and most critical industries, from energy and communications to transportation and electronics. We are putting innovation to work to improve people’s lives and we want YOU to be a part of it.

Job Description

IT Security Engineer with a strong focus on web application infrastructure, Secure Software Development Life Cycle (SDLC), Web Application Firewalls (WAF), Key Vaults, DevOps practices, cloud security, and integration with Security Information and Event Management (SIEM)/Security Orchestration, Automation, and Response (SOAR) systems. The ideal candidate will be responsible for designing, implementing, and maintaining security measures to protect our web applications, services, and the underlying infrastructure in a dynamic cloud environment, including specific technologies such as Cloudflare and Veracode.

Key Responsibilities:

• Develop and enforce security strategies for web application infrastructure across development, testing, staging, and production environments.

• Implement and manage security solutions within the SDLC, including integrating security tools into CI/CD pipelines.

• Configure, manage and monitor Web Application Firewalls (WAF) to protect web applications from threats and vulnerabilities.

• Securely manage encryption keys, secrets, and other sensitive data using key vaults and secure storage mechanisms.

• Collaborate with DevOps teams to ensure security best practices are followed in software deployment, containerization, and orchestration processes.

• Perform regular security assessments, code reviews, and penetration testing to identify and mitigate security risks.

• Develop, configure, and fine-tune SIEM/SOAR systems detections to identify and respond to threats specific to web and application security.

• Develop and maintain cloud security policies and procedures, ensuring compliance with industry standards and regulations.

• Provide guidance and leadership on emerging security technologies and threat landscapes.

• Prepare and maintain documentation regarding security configurations, processes, and protocols.

• Collaborate with IT and development teams to foster a security-aware culture and ensure that security is integral to the development process.

• Utilize specific tools such as Cloudflare for enhanced web security and Veracode for application security testing.

Qualifications:

• Proven experience (3-5 years) as an IT Security Engineer focusing on web applications, cloud environments, and SIEM/SOAR systems.

• Strong understanding of Web Application Firewalls, key management technologies, secure coding practices, and security incident handling.

• Experience with DevOps tools (e.g., Jenkins, Docker, Kubernetes, Terraform) and integrating security into CI/CD pipelines.

• Proficiency in managing security in cloud platforms (AWS, Azure, Google Cloud).

• Knowledge of compliance frameworks and standards such as ISO 27001, SOC 2, GDPR, and NIST.

• Relevant certifications such as CISSP, CEH, GSEC, or cloud-specific certifications (AWS Certified Security, Azure Security Engineer) are desirable.

• Excellent analytical, troubleshooting, and communication skills.

• Specific experience with Cloudflare and Veracode is highly desirable.

Working Conditions:

• This role may require occasional evening and weekend work to perform system upgrades and integrations or respond to security incidents.

• Hybrid Work Location

Choose to unlock your full POTENTIAL. Apply today.