We are seeking a motivated and skilled Cyber Security Engineer to join Product Security team. This role will primarily focus on managing and enhancing Web Application Firewalls (WAFs) and strengthening Product Security. The ideal candidate will bring hands-on experience with security technologies, a keen understanding of application security challenges, and the ability to collaborate effectively across product and engineering teams.
About You – experience, education, skills, and accomplishments
1. 5+ years of experience in cyber security, with emphasis on WAF, application and cloud security.
2. 4+ years of experience working with WAF solutions (e.g., AWS WAF, Azure WAF, F5, Cloudflare WAF).
3. 3+ years of experience working with cloud platforms (AWS, Azure, GCP) and related security practices.
4. 2+ years of experience working with secure SDLC, OWASP Top 10 and application security vulnerabilities.
It would be great if you also had
5. Familiarity with security frameworks and standards such as NIST, OWASP, CSA.
6. Hands-on experience with vulnerability scanning, and incident response.
7. Strong understanding of networking concepts, application protocols (HTTP/HTTPS), and cloud security.
8. Relevant certifications such as CISSP, CCSP, CySA+ are a plus.
9. Experience with automation of security controls.
10. Exposure to security tools such as DAST, RBVM, SAST.
11. Familiar with cloud architecture, container security and DevSecOps practices.
12. Excellent problem-solving, communication, and collaboration skills.
What will you be doing in this role?
13. Design, deploy, configure, and maintain Web Application Firewalls (WAF) to protect enterprise web applications from cyber threats.
14. Conduct security assessments of products to identify vulnerabilities.
15. Collaborate with development and product teams to integrate security best practices into the product lifecycle.
16. Monitor, analyze, and respond to security alerts and incidents related to WAFs and application security.
17. Implement security controls and policies aligned with industry standards and regulatory requirements.
18. Participate in vulnerability management, penetration testing, and remediation efforts.
19. Develop and enforce security controls security documentation, aligned with industry standards and compliance requirements.
20. Research emerging security threats and recommend technology solutions related to enhance security posture.
Product you will be developing
The Cybersecurity Engineer will work within Clarivate's global security team, focusing on Security Engineering & Operations, Product Security, Security Architecture, and Governance, Risk & Compliance. You will contribute to incident response, risk management, compliance, and security tool integration while ensuring best practices are followed across our cloud and on-prem environments.
About the Team
Our Cybersecurity team is spread across the world, with members in North America, Europe, and Asia. The Cybersecurity Engineer role will be part of the Product Security team. This position will report to the Cybersecurity Manager based in North America and will collaborate closely with other security teams, product teams, and internal stakeholders to support our security initiatives and maintain a strong security posture.
Benefits
Serbia:
21. Holidays: 25 days paid leave per annum
22. Private Health Insurance
23. Paid Lunch
24. Yearly Bonus
25. Yearly Merit Plan
26. My Learning Platform
27. Fit Pass
28. Life Insurance
29. Accident Insurance
30. Company bicycles for rent free of charge
*Different benefits offered by the Barcelona office
Hours of Work
This is a permanent full-time position, with core engagement hours within CET time zone. This is a hybrid position; you will be expected to work from our Belgrade office 3 days every other week.
*Different working hours offered by the Barcelona office
Please note that only shortlisted candidates will be contacted.
#LI-Hybrid
At Clarivate, we are committed to providing equal employment opportunities for all qualified persons with respect to hiring, compensation, promotion, training, and other terms, conditions, and privileges of employment. We comply with applicable laws and regulations governing non-discrimination in all locations.