Enova Consulting

Senior Application Security Engineer

Enova Consulting

full-time

Posted on:

Location Type: Hybrid

Location: GenèveSwitzerland

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

FluxTCP/IP

About the role

  • Application protection & WAF (core of the role 🔥)
  • Design, deploy and especially configure application protection solutions (WAF, reverse proxy, load balancer).
  • Implement and refine WAF policies (positive/negative models).
  • Manage advanced rule tuning and reduce false positives.
  • Deploy protections against common web attacks (OWASP Top 10, injections, XSS, etc.).
  • Implement rate limiting and advanced protection strategies.
  • Lead progressive production rollouts (monitoring mode → blocking).
  • Secure HTTP/HTTPS traffic and manage TLS configurations on proxy/termination.
  • Control and reduce application exposure surface on the Internet.
  • Participate in traffic optimization (ports, access, filtering).
  • Ensure consistency of L4/L7 configurations (load balancing, health checks, persistence).
  • Implement IP reputation-based filtering mechanisms.
  • Leverage threat intelligence feeds to strengthen protections.
  • Manage exceptions (allowlisting), limit false positives and maintain rule quality.
  • Contribute to vulnerability management related to application exposure.
  • Participate in log analysis and security incident investigations.
  • Document configurations, maintain standards and ensure traceability.
  • Collaborate with network, security and application teams.

Requirements

  • Degree in computer science or cybersecurity, with proven experience in application security and a strong focus on protection.
  • Solid expertise with WAF solutions (configuration, tuning, operation).
  • Strong knowledge of protection architectures: reverse proxy, load balancer.
  • Excellent understanding of web protocols (HTTP/HTTPS, TLS, headers, cookies).
  • Good grasp of networking concepts (TCP/IP, ports, NAT, stateful filtering).
  • Experience securing Internet-facing applications.
  • Ability to configure, optimize and maintain security solutions in production.
  • Knowledge of web attack techniques (OWASP, exploitation, attack vectors).
  • Experience in threat intelligence and dynamic filtering.
  • Basic automation skills (scripting, APIs, Git).
Benefits
  • Remote work: 2 days per week (3 days on-site)
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
WAFapplication protection solutionsreverse proxyload balancerWAF policiesrate limitingTLS configurationsIP reputation-based filteringlog analysisscripting
Soft Skills
collaborationleadershipproblem-solvingcommunication
Certifications
degree in computer sciencedegree in cybersecurity