Job Title: WAF Engineer
Location: Bangalore
Experience: 5-7 Yrs
Job Description
As a WAF Engineer you will develop, maintain, test, and troubleshoot web application firewalls, their rulesets and their deployment capabilities. The ideal candidate should have hands-on experience with all of the major cloud services providers based in the US; Amazon, Azure, FXCloud and Google, utilizing orchestration platform (Terraform) as well as current appliance based WAF systems like F5 ASM and AppProtect. Should have experience with web-based attacks, OWASP Top 10 web vulnerabilities, web application testing with tools like BURP Suite or Zed Attack Proxy (ZAP), and extensive knowledge of networking protocols like TCP, websockets, gRPC, HTTP/2.
Responsibilities:
- Consult in vended patching.
- Consult how active defense policies are created and implemented.
- Work with application teams in understanding attacks and how to best defend.
- Assist in the design and implementation of automated systems designed to test our own active defense.
- Ability to effectively articulate technical challenges and solutions.
- Troubleshoots and resolves system service failures by identifying and analyzing the situation and provides corrective actions.
- Develops, installs, and tests new network hardware and software releases, system upgrades, evaluates and installs patches and resolves software related problems.
- Monitors systems activities and fine tunes system parameters and configuration to optimize performance and ensure security of systems.
- Provides senior level expertise on decisions and priorities regarding systems architecture.
- Engages with application development teams on current infrastructure projects.
- Evaluates existing solutions and infrastructure and provides recommendations.
- Approves system designs and functions as a project lead as required. Facilitates the establishment and implementation of standards and guidelines that guide the design of technology solutions including architecting and implementing solutions.
- Manages and maintains the hardware, software, security, and connectivity to the Internet as well as middleware components.
Requirements:
- Bachelor's Degree Relevant Experience or Degree in Information Security or Computer Science preferred. Other majors will be considered.
- Typically, Minimum 4 Years Relevant Exp Strong self-starter.
- Strong scripting skills (shell, python, batch, power shell etc.)
- Strong analytical skills in root cause analysis, troubleshooting, and problem solving.
- Prefer experience in cloud Web Application Firewalls, both SaaS and native cloud provider relevant (CloudArmor, AWS WAFv2, Azure WAFv2)
- Prefer experience with vended WAF solutions (F5, Imperva, Nginx AppProtect).
- 2+ years' Experience in multiple programming languages, preferably Go, .NET and Python. (Both writing and analyzing)
- Prefer experience with RASP technologies.
- Experience with Kubernetes and container runtimes (runc, docker, LXC)
Cloud Security, Burp Suite, Azure WAF, HTTP