Security Engineer II - WAF
- Cbts
- 5 - 10 years
- Chennai
- 1 month ago
- Email to a friend
- Report this job
Job Description
Job Experience Required:
5+ years of experience in cybersecurity, with at least 2-3 years focused on WAF technologies.
Hands-on experience with one or more WAF platforms (e.g., AWS WAF, Azure WAF, Cloudflare, F5, Imperva).
Strong understanding of HTTP/S protocols, web application architecture, and common vulnerabilities.
Familiarity with OWASP Top 10, DDoS mitigation, and bot protection techniques.
Experience with log analysis tools (e.g., Splunk, ELK) and SIEM integration.
5+ years of experience in cybersecurity, with at least 2-3 years focused on WAF technologies.
Hands-on experience with one or more WAF platforms (e.g., AWS WAF, Azure WAF, Cloudflare, F5, Imperva).
Strong understanding of HTTP/S protocols, web application architecture, and common vulnerabilities.
Familiarity with OWASP Top 10, DDoS mitigation, and bot protection techniques.
Experience with log analysis tools (e.g., Splunk, ELK) and SIEM integration.
We are seeking a skilled and detail-oriented WAF Engineer to join our security implementation team. In this role, you will be responsible for the deployment, configuration, and management of Web Application Firewalls to protect our web applications from evolving threats. You will work closely with security, DevOps, and application teams to ensure robust protection and compliance.
Security Design and Deployments: Deploy, configure, and manage WAF solutions (e.g., AWS WAF, Azure WAF, Cloudflare, Imperva, Akamai). Create and maintain custom WAF rules to mitigate OWASP Top 10 vulnerabilities and other web-based threats.
Performance Tuning: Optimize performance, ensuring high availability, scalability, and minimal impact on application traffic. Provide recommendations for improving web application security posture.
Incident Response: Investigate and respond to security incidents related to web application attacks breaches, performing root cause analysis and remediation. Perform regular WAF policy tuning and false positive/negative analysis.
Policy and Rule Management: Create and enforce WAF policies and access control rules, regularly reviewing and updating them to address new threats and changes in network and application framework.
Security Best Practices: Advocate for and enforce security best practices across all stages of the development lifecycle to ensure secure application delivery. Stay updated on the latest web security trends, vulnerabilities, and threat intelligence.
Collaboration: Work closely with development teams to integrate security features and practices into new and existing applications and systems.
Documentation and Reporting: Maintain comprehensive documentation for security procedures, incidents, and system configurations. Provide regular reports and updates to stakeholders.
Compliance: Ensure that security practices comply with industry standards, regulations, and company policies.
Education:
4-year bachelors degree or equivalent experience, preferably in Computer Science, Information Systems or Engineering (or) Three years of College or Technical School resulting in an Associate s Degree or equivalent
Accreditation / Certification / Licenses:
Certifications such as CEH, CISSP, AWS Security Specialty, or equivalent
Scripting knowledge (Python, Bash) for automation and rule management
Knowledge of CDN and reverse proxy technologies.
Certifications such as CEH, CISSP, AWS Security Specialty, or equivalent
Scripting knowledge (Python, Bash) for automation and rule management
Knowledge of CDN and reverse proxy technologies.
Special Knowledge / Skills / Abilities:
Onboard and offboard URLs and applications
Apply default/standard configs to onboarded applications, monitor for issues and update as needed
Make Routine DNS updates
Update configurations as required to WAF
Apply rule/signature and software updates
Submit Firewall Rule Change Requests during onboarding/offboarding
Write and apply rules as needed, on a per-application basis
Provide investigative & operational support to application teams as needed due to WAF implementation
Schedule maintenance windows and communicate updates as needed
Report on WAF coverage and/or incidents as needed (metrics)
Support incident response teams in the event assistance is required
Open Vendor support tickets and interact with WAF vendor as-needed
Document all processes and procedures in an ongoing basis
Support the establishment/improvement of WAF-related operational processes
Execute any other miscellaneous tasks associated with the WAF operationalization initiative
Clear communication skills
Time Management / Self-Management
Independent Work Skills
Presentation skills
Apply default/standard configs to onboarded applications, monitor for issues and update as needed
Make Routine DNS updates
Update configurations as required to WAF
Apply rule/signature and software updates
Submit Firewall Rule Change Requests during onboarding/offboarding
Write and apply rules as needed, on a per-application basis
Provide investigative & operational support to application teams as needed due to WAF implementation
Schedule maintenance windows and communicate updates as needed
Report on WAF coverage and/or incidents as needed (metrics)
Support incident response teams in the event assistance is required
Open Vendor support tickets and interact with WAF vendor as-needed
Document all processes and procedures in an ongoing basis
Support the establishment/improvement of WAF-related operational processes
Execute any other miscellaneous tasks associated with the WAF operationalization initiative
Clear communication skills
Time Management / Self-Management
Independent Work Skills
Presentation skills
Job Classification
Industry: IT Services & ConsultingFunctional Area / Department: IT & Information SecurityRole Category: IT SecurityRole: Security Engineer / AnalystEmployement Type: Full timeContact Details:
Company: CbtsLocation(s): Chennai+ View Contact
Keyskills: Computer science Performance tuning Automation DNS Healthcare HTTP Windows Monitoring Python Firewall
Fraud Alert to job seekers!
₹ Not Disclosed
Similar positions
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in