Job Description

Position: Application security consultant

Location : Remote EST

Duration: 6 months

Seeking an Application Security Consultant to join the Information Security team and help advance our application security program. This role will play a critical part in the design, build, and operation of security capabilities that protect Wyndham's web and mobile applications, with a primary focus on Akamai Web Application Firewall (WAF) technologies and Bot Management. A major responsibility will be building out and optimizing the Akamai WAF technology.

As a member of the Cybersecurity team, the consultant will play a central role in executing the application security program's architecture and framework, while providing critical guidance to development and application teams. The position will work directly with business application teams on the design, delivery, and protection of our web and mobile products. Regular interaction with both technical and business personnel will be required to provide security analysis and recommendations that balance security with business needs.

The consultant will be responsible for day-to-day operations of Akamai WAF and Bot Management technologies, including policy tuning, detection updates, and adapting protections to address evolving attack methods. The role will ensure that security controls remain effective without introducing unnecessary friction, performance issues, or customer impact. This position will also oversee supporting application security technologies such as code scanning solutions, keeping tools, detections, and protections current and aligned with Wyndham's security requirements.

Requirements

Key skills:

- Must have at least 3 year' experience with Akamai

• • + 3years of offense/defense application security experience with proven expertise with Akamai WAF and Bot Manager, including policy tuning, configuration, detection updates, and integration with business applications
  • Knowledge of web and mobile application development and deployment methodologies
  • Familiarity with programming/scripting languages such as Node.js, React Native, JavaScript, Java, and Python to support troubleshooting and integration
  • Advanced knowledge and hands-on experience securing AWS cloud environments, including APIs and serverless applications
  • Strong understanding of application and API security vulnerabilities (beyond OWASP Top Ten) and effective remediation techniques that minimize business impact
  • Experience implementing and administering complex application security solutions, with emphasis on cloud-delivered services and DevSecOps integration
  • Solid understanding of agile methodologies, DevSecOps practices, and CI/CD pipeline integration

Familiarity with security threat intelligence sources and how they inform application

- Mobile Development experience

- Must have AWS

- Experience with React Native - nice to have

- Hospitality experience - nice to have

Job Tags

Similar Jobs