Security Consultant

Job Title: Security Consultant Role Summary We are seeking a Security Consultant to join our team as a hands-on technical specialist in automated threats and application security. In this role, you will be responsible for implementing, tuning, and maintaining security controls that protect our e-commerce platform and customer experience. You will collaborate closely with Security Engineers and Architects, while acting as a technical bridge to Application, DevOps, and Operations teams - providing execution and advisory support across the security lifecycle. Key Responsibilities 1. Bot Traffic Management & Edge Security Detect and mitigate advanced automated traffic, including headless browsers and human-mimicking bots. Analyze traffic patterns to identify and block threats such as credential stuffing, ATO, inventory scalping, and scraping. Implement and maintain edge protections including Akamai Bot Manager Premier (BMP), WAF, Content Protection Rules (CPR), and CDN configurations. 2. Application Security Through Entire SDLC Embed SAST (SonarQube) and DAST (Invicti) within the CI/CD pipeline in collaboration with DevOps. Triage vulnerabilities, reduce false positives, and ensure actionable remediation guidance for developers. Conduct targeted application and API security assessments using Burp Suite. 3. Security Enablement & Operational Support Partner with Application Teams to remediate vulnerabilities aligned with OWASP Top 10 and API security best practices. Support Production Operations by troubleshooting security incidents, tuning controls, and minimizing false positives or performance impact. Contribute to identifying and prioritizing security debt in coordination with business and engineering teams. Technical Profile Experience: 5+ years in application security, web security, or security incident management preferably in e-commerce or high-traffic environments. Threat Knowledge: Strong understanding of OWASP Automated Threats (OAT) and common attack patterns targeting online retail platforms. Tools & Platforms: Hands-on experience with one or more of the following: Invicti, Burp Suite, SonarQube, and bot mitigation tools (e.g., Akamai BMP, QuietAI). Technical Foundations: Familiarity with CDN/WAF architectures, API protocols (REST/GraphQL), and modern web application stacks. Collaboration: Ability to translate security findings into clear, actionable guidance for development and operations teams. Soft Skills · Strong communication skills with the ability to explain security risks and remediation clearly to technical and non-technical stakeholders. · Collaborative mindset with experience working across development, DevOps, and operations teams. · Analytical thinking and problem-solving skills, especially when investigating complex or ambiguous security issues. · Ability to prioritize effectively in a fast-paced, production-driven environment. · Proactive and ownership-driven approach to improving security posture and processes. Team Dynamics This role is focused on execution, analysis, and enablement. You will operate within the frameworks defined by Security Architects and Engineers, while serving as a key partner to application, DevOps, and operations teams to ensure security controls are effective and sustainable. Requirements Graduation