Share this Job

Sr. Technology Engineer - Information Security

Date: Jan 18, 2023

Location: Atlanta, GA, US, 30308

Company: Norfolk Southern Corp.

Requisition 35175: B4 - Sr. Technology Engineer - Information Security 




The WAF engineer works as part of the cybersecurity team to manage and secure web-based applications hosted on-premises and in the cloud. In this role, the WAF engineer is responsible for designing secure WAF configurations that defend against threats and vulnerabilities without impeding the business. The WAF engineer executes controls adhering to policies, monitors against the threat landscape and recommends changes where necessary. Working as part of a team, the WAF engineer shares information and testing effectiveness of controls and collaborates to counter threats and vulnerabilities. The WAF engineer understands the applications in use, where weaknesses may exist and how WAF controls can help thwart vulnerabilities in dynamic and legacy applications. The role is responsible for WAFs maintained by Norfolk Southern (cloud or on-premises) and those managed in tandem with third-party service providers.


  • Design, test and deploy solutions and settings with rules designed to protect against vulnerabilities and threats targeting web-based applications and services.
  • Document and maintain policies and standard operating procedures aligning with strong security practices, standards, application and host integrity, and OWASP best practices.
  • Monitor and respond to events and alerts generated by SIEM and security orchestration, automation and response solutions.
  • Develop and implement workflows to update and maintain configurations across protected infrastructure.
  • Collaborate with incident responders and SOC team members to investigate suspicious activity (analysis and response may need to occur off-hours and on a scheduled rotation).
  • Partner with offensive security team members to test the efficacy of WAF configurations against adversary emulation and enhance team knowledge.
  • Regularly participate in adversary emulation tabletop exercises designed to identify gaps, improve skills, transfer knowledge and improve efficiency at reducing risk.
  • Automate where possible to deploy consistent configurations to WAFs.
  • Work with security team members to enforce thorough application inventory and management standards, as well as audit compliance for applications and services under corporate policies. 
  • Review reports from vulnerability and penetration tests, and results from tabletop exercises, to identify exposure and improve application security posture in tandem with application security engineers.
  • Liaison with threat hunting, infrastructure, information technology, vulnerability management, threat intelligence and software engineer team members.
  • Regularly report to security leadership on security posture supporting defined metrics and service levels.
  • Be professionally accountable for remaining educated on the threat landscape and mitigation techniques.
  • Openly support the organization, management and executive leadership team, even during times of adversity.
  • Perform other duties as assigned.
  • Preferably 5+ years’ experience in a security systems administration, application security or SOC IR role.
  • Understanding of OWASP Top Ten, threats and vulnerabilities, and tactics used to compromise applications.
  • Hands-on experience with WAFs, next-generation firewalls, IDS/IPS and proxies.
  • Proficiency with applications, databases, web services, authentication and middleware servers.
  • Fundamental knowledge and experience with threat intelligence, DDoS, bots and content delivery networks.
  • Demonstrated understanding of cross-site request forgery, cross-site scripting, directory traversal, remote code execution, SQLi, session IDs, and authentication and authorization abuse.
  • Ideally familiar with one or more regulatory requirements and laws such as, Payment Card Industry, Federal Financial Institutions Examination Council, Sarbanes-Oxley Act (SOX), HIPAA, GDPR, California Consumer Privacy Act (CCPA) and Gramm-Leach-Bliley Act (GLBA). Additionally, experience in one or more of the following: ISO 17799, ITIL, Cybersecurity Maturity Model Certification and NIST Cybersecurity Framework.
  • Aptitude with one or more scripting languages (e.g., Python, PowerShell, JavaScript and Bash).
  • Track record acting with integrity, taking pride in work, seeking to excel, and being curious and flexible.
  • Demonstrated strong written and oral communication skills across varying levels of the organization.
  • Organized with the ability to prioritize and complete tasks within defined service-level agreements (SLAs).
  • Excellent judgment and the ability to make quick decisions when working with complex situations.
  • Understanding of Malware



  • Bachelor's degree preferred in information assurance, computer science, engineering or related technical field.


Work Conditions:

  • Environment: Hybrid (Position based in Atlanta, GA)
  • On-Call: Yes
  • Weekend Work: As Required
  • Travel Required: 0-2 Days per Month


Company Overview

Since 1827, Norfolk Southern Corporation (NYSE: NSC) and its predecessor companies have safely moved the goods and materials that drive the U.S. economy. Today, it operates a customer-centric and operations-driven freight transportation network. Committed to furthering sustainability, Norfolk Southern helps its customers avoid 15 million tons of yearly carbon emissions by shipping via rail. Its dedicated team members deliver more than 7 million carloads annually, from agriculture to consumer goods, and is the largest rail shipper of auto products and metals in North America. Norfolk Southern also has the most extensive intermodal network in the eastern U.S., serving a majority of the country’s population and manufacturing base, with connections to every major container port on the Atlantic coast as well as the Gulf of Mexico and Great Lakes. Learn more by visiting

At Norfolk Southern, we believe in celebrating our individuality. By leveraging the unique backgrounds and viewpoints of our employees, we can create a culture of innovation, respect, and inclusion. We know that employees thrive in a workplace where differing viewpoints, ideas, and experiences are freely shared and valued. As such, we encourage all employees to contribute their distinctive skills and capabilities to our organization.

Equal employment opportunities are available to all applicants regardless of race, color, religion, age, sex, national origin, disability status, genetic information, veteran status, sexual orientation, and gender identity. Together, we power progress.

Effective December 8, 2021, NS has paused its implementation of the COVID-19 vaccine mandate given the dynamic legal proceedings.  The ultimate outcome of the federal contractor vaccine mandate is yet to be determined. It is still possible that the mandate, as it applies to NS, could be upheld in court in the near future. If the mandate is upheld, NS employees will be required to be vaccinated or have an approved medical or religious accommodation.

Nearest Major Market: Atlanta