Application Security (WAF) Engineer (Contract)

Information Technology | Belgrade, Serbia | Req. Num.: 12083

Who are our employees?

We’re an eclectic group of 4,000+ dreamers, believers and builders, operating in over 40 countries. We’re Hungry. Humble. Honest. With Heart. The 4H’s: these are our core values and the DNA of our company. They help drive our employees to succeed, to strive to be better, to learn from every experience. Our employees are encouraged to have spirited debates and conversations and to think with a founder’s mindset. This means we’re all CEOs of the company and, as such, make the best decisions every day that align with our company goals. It’s through our values, our conversations and mindsets that we can continue to disrupt the industry and drive innovation in the market.

Who are we in the market?

Nutanix is a global leader in cloud software and hyperconverged infrastructure solutions, making infrastructure invisible so that IT can focus on the applications and services that power their business. Companies around the world use Nutanix Enterprise Cloud OS software to bring one-click application management and mobility across public, private and distributed edge clouds so they can run any application at any scale with a dramatically lower total cost of ownership. The result is organizations that can rapidly deliver a high-performance IT environment on demand, giving application owners a true cloud-like experience. Learn more about our products at or follow us on Twitter @Nutanix.

Application Security Engineer (WAF Engineer)

The ideal candidate will:

  • Have a strong working, hands-on knowledge of Web Application Firewall (WAF) configuration, including Akamai or Incapsula
  • Set up Splunk alerts, especially based on WAF events
  • Work with product teams to coordinate WAF onboarding, explaining certificate provisioning and related DNS changes required to support successful WAF configuration
  • Support the SDL threat modeling function
  • Develop integrations between security tools, using orchestration tools like Workato and/or bash scripting
  • Run ad-hoc Burp security scans of web applications and APIs that present complex authentication scenarios


  • BS degree or 3+ years of information security and/or application security experience.
  • Seasoned experience with modern web application frameworks and their security requirements
  • Strong proficiency with tools like Akamai, Imperva, or other web application firewalls (WAF)
  • Knowledge of top security flaws and resolutions as listed by OWASP and SANS
  • Knowledge of Web Application Firewalls, SSL/TLS, forward and reverse proxies

Desired Skills:

  • Ability to write scripts in Bash, Python, Ruby, Java and similar modern programming languages
  • Working knowledge of at least one cloud computing platform, such as AWS or Azure
  • Ability to collaborate with technical and vendor personnel, cloud service providers
  • Experience with web application scanning tools like Veracode, Burp Suite Professional, WhiteSource, BlackDuck.
  • Working knowledge of REST API testing and related tools, including Postman
  • Working knowledge of JSON, XML, HTTP headers and related REST API authentication / authorization approaches

Nutanix is an equal opportunity employer.

The Equal Employment Opportunity Policy is to provide fair and equal employment opportunity for all associates and job applicants regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status, or disability. Nutanix hires and promotes individuals solely on the basis of their qualifications for the job to be filled.

Nutanix believes that associates should be provided with a working environment that enables each associate to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, religion, national origin, gender, sexual orientation, age, marital status or disability.

We expect and require the cooperation of all associates in maintaining a discrimination and harassment-free atmosphere.