Application Security Engineer (IGT1)

Company Description

About IGT1:

IGT1 is a rapidly growing offshore technology and talent solutions company based in Port City Colombo. We are a fully owned subsidiary of IGT I Holdings Sweden AB, funded by the three of world’s leading private equity firms; EQT Group, Hg, and TA Associates and also a sister company of IFS.

At IGT1, we partner with global businesses to provide them with an operation that maximizes efficiency, spurs growth, allows them to develop and deliver world-class products and services, and creates long-term value. Our people-first culture champions diversity, teamwork, and continuous learning, creating an environment where talent thrives. 

With a team of over 500 professionals and counting, we are always looking for passionate, skilled individuals who want to make a global impact while being part of something extraordinary. 

Through our offshore collaboration model, you'll be embedded within the team of one of our esteemed international clients, contributing directly to high-impact, enterprise-level initiatives. 

About the Client: Kyriba

Kyriba is the global leader in cloud-based finance solutions, empowering CFOs and their teams to transform how they activate liquidity as a dynamic, real-time vehicle for growth and value creation. Our award-winning SaaS platform delivers comprehensive treasury, risk management, payments, and supply chain finance capabilities that enable companies to optimize their working capital and enhance financial performance.

Job Description

About this Role

We are seeking an Application Security Engineer with a strong focus on Security Operations and Web
Application Firewall (WAF) monitoring. This role is responsible for detecting, analyzing, and responding to
application-layer threats by reviewing WAF logs, security alerts, and web traffic patterns.
The engineer will work closely with SOC analysts, DevOps, and application teams to strengthen
application-layer defenses, investigate suspicious activity, and continuously improve web security controls.

Security Monitoring & Incident Response

• Monitor application security alerts from Web Application Firewalls (WAF) and other security monitoring tools.
• Investigate suspicious web traffic, attack patterns, and security events.
• Triage and respond to security incidents related to web applications and APIs.
• Conduct root cause analysis for application-layer attacks and security alerts.
• Escalate confirmed incidents to the incident response or security engineering teams.

WAF Management

• Configure, tune, and maintain WAF policies and rules to protect web applications.
• Analyze WAF logs to identify attack attempts such as SQL injection, cross-site scripting, bot activity, and API abuse.
• Optimize WAF configurations to reduce false positives and improve detection accuracy.
• Implement custom rules to mitigate emerging threats and vulnerabilities.

Threat Detection & Security Analysis

• Analyze security events using SIEM and monitoring platforms.
• Correlate WAF alerts with other security telemetry to identify potential attacks.
• Identify trends in web attacks and recommend improvements to security controls.
• Maintain documentation for incidents, WAF rules, and detection strategies.

Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related technical field (or equivalent experience).
• 3+ years of experience in cybersecurity, security operations, or application security.
• Hands-on experience working with Web Application Firewalls (WAF).
• Experience analyzing security logs, alerts, and threat events.
• Experience working in a Security Operations Center (SOC) or similar monitoring environment.
• Understanding of web protocols such as HTTP, HTTPS, REST APIs, and web architectures.
• Familiarity with SIEM platforms and security monitoring tools.

Additional Information

We champion flexibility and hybrid work options to support varying lifestyles and personal needs. At the same time, we value the power of in-person collaboration to build community, spark innovation, and strengthen connections. Our approach ensures you can work in ways that suit you best while still engaging with colleagues to share ideas and grow together. #LI-Hybrid #LI-DNP