Job Information

BASF Internet Web Security Engineer in Mississauga, Ontario

You can be part of an inclusive team of diverse talent and character. In this diversity lies our greatest strength.

Core Responsibilities

We are seeking a professional like you to serve as DevOps engineer in the Internet Access and Web Security product of our team. In this role, work will include the whole product lifecycle from customer consultancy over architecture, solution design, projects, implementation, keep system running to continuous improvement.

Some examples from technical perspective:

o Internet Access (Proxy Servers / SASE)

o Internet Access ruleset configuration, maintenance and lifecycle management

o Incidents involving related to web access requests

o Internet connectivity for software applications

o SSL Interception

o Generate custom reports

· Web Application Firewalls:

o Consulting for web application product teams

o Web Application Firewall (WAF) ruleset creation and maintenance

o Optimization of WAF Ruleset lifecycle management and other operations processes

o Attack Signature updates

o SSL Certificates

o Creation and renewal of SSL certificates, mostly for company hosted web-based applications

The new colleague will be part of the stand by team, where every 5 or 7 weeks the colleague will need to be reachable via cell phone (company provides cell phone) 24x7 for one week. The week assign for On Call Duty is scheduled and agreed every quarter with the team members.

  • BASF Digital System operates according to the Agile development process and strongly believe in the DevOps approach to delivering successful IT solutions. Our focus is on high-quality content delivered in time using iterative development with regular milestone demos to the business.

  • You believe that business value is delivered by Agile top engineers working together in high performing Dev/Ops teams, according to our Agile frameworks.

  • You show your experience of significant years of experience with Agile mythologies like Scrum, Kanban, etc.

Knowledge and Experience


· Bachelor’s Degree from an accredited college or university is required

· Minimum 5 years relevant job experience

· Well-known certifications around networking, Cloud and Cyber Security are welcome (e.g. CCxP, CISSP…)

· Curiosity, willingness to learn

· Openness for working in agile ways and as part of a globally spread, virtual team

· IT process automation and optimization

· Excellent English skills mandatory; German and Spanish welcome but optional


· Strong background in network, server and cloud administration with a strong security focus in large-scale enterprise environments

· Agile Methodologies

· ITIL (IT Infrastructure Library) Processes

· Applicants should have extraordinary analytical thinking and troubleshooting skills and a high level of self-reliance.

· Applicants must be fluent in English and be willing and able to work as part of a globally spread, virtual team. Strong will and ability to communicate within and outside the team, e.g. with end users, is key.

· Ability to learn new technologies is essential.

· Applicants should be culturally fluent and have excellent time-management skills

· Has architected, designed, built and run a mid to large size, secured internet access environment

· Operational Provider management

o Steer contractors

o Monitor and report the quality of their work

o Train and accompany them


· F5 ASM or other web application firewall products, preferably cloud-based

· Cloud Platforms (Azure, AWS) and secure Cloud connectivity

· Palo Alto Next Generation Firewall

· Palo Alto Prisma, Palo Alto Cortex (SASE in general)

· (Broadcom/Symantec ProxySG and Reporter)

· Network troubleshooting tools (Wireshark, Fiddler)

· (IBM AppScan, web application scanning)

· Enterprise Management tools: Panorama, BigIQ, Symantec Management Center

· Advanced protocol knowledge in TCP/IP, TLS and HTTP

· Optional: Experience with performance monitoring and the relevant Riverbed products

· Optional: Practical experience and deep understanding of DNS and DHCP enterprise solutions, e.g. QIP

o Subnet creation and maintenance.

o Maintain domain names.

o Configure Dynamic and Manual DHCP scopes.

o Manage the logical DNS name space of a large scale company.

Job: ITSE - Information Technology & Services

Organization: GDA/BC-RBPS NA Canada Mexico MidWest-63009551

Title: Internet Web Security Engineer

Location: CAN-ON-Mississauga

Requisition ID: 2002325