blackcanyonconsulting

Web Service Protection Engineer

Apply Now

At a Glance

Location
Bethesda, Maryland, United States
Posted
2026-05-26T11:07:14-04:00

Key Requirements

Required Skills

BashPython

Domain Knowledge

  • Automation
  • Government

Benefits & Perks

Health Insurance

ith our competitive benefits package that includes medical, dental and visio

Requirements

Strong understanding of high-volume web service architecture — how traffic flows, where bottlenecks and abuse vectors appear, and how load balancers and edge infrastructure make routing decisions.

Hands-on experience with a major cloud provider's security and networking stack, including:

Solid grasp of HTTP/HTTPS protocol internals — headers, TLS behavior, connection patterns, and how these relate to traffic analysis and fingerprinting techniques.

Experience analyzing traffic using network and application-layer signals including address-based, organizational, and transport-layer fingerprinting methods.

Familiarity with common web server platforms, their log formats, and configuration.

Experience with advanced abuse mitigation techniques, including traffic redirection and challenge-response mechanisms.

Compensation & Benefits

We attract the best people in the business with our competitive benefits package that includes medical, dental and vision coverage, 401k plan with employer contribution, paid holidays, vacation, and tuition reimbursement.

We offer a competitive salary commensurate with experience and location. If you enjoy being a part of a high performing, professional service and technology focused organization, please apply today!

Responsibilities

Develop and own protection metrics and alerting — build dashboards and alert pipelines that surface anomalies across a range of network and application-layer signals.

Perform deep log analysis to identify overuse, scraping, abuse, DDoS, and attack patterns across millions of daily requests.

Operate and tune cloud-based edge security controls — configure and update security policies, rate limiting, and adaptive protection rules in response to evolving threats.

Enforce traffic controls — apply a range of mitigation strategies to abusive traffic while minimizing impact to legitimate users.

You will triage incidents and either resolve them directly or escalate to development or sysadmin teams with clear, actionable information.

Support protection across a mixed cloud and on-premises infrastructure — NCBI operates services in both environments, and protection coverage must extend consistently across both.