WAF Security Engineer

Job Title: WAF Security Engineer (Barracuda WAF & AWS WAF)

Experience : 5 to 8years

Job Summary:

We are looking for a skilled WAF Security Engineer with expertise in Barracuda WAF and AWS WAF to strengthen our security posture. The ideal candidate should have hands-on experience in troubleshooting HTTP session issues, writing content rules, and implementing security policies based on OWASP standards. Additionally, they should have a strong understanding of configuring and managing WAFs, enabling high availability (HA), and setting up disaster recovery solutions. As Barracuda WAF deployment is on AWS and applications are hosted in AWS, it is mandatory to have hands-on experience with AWS in a production environment.

Key Responsibilities:

Configure, manage, and optimize Barracuda WAF and AWS WAF to protect web applications.

Troubleshoot HTTP session issues and analyze traffic logs to identify and mitigate security threats.

Develop and maintain custom WAF rules based on application security requirements.

Implement and refine content rules to filter and manage web traffic effectively.

Ensure WAF rules align with OWASP Top 10 security standards to mitigate vulnerabilities such as SQL injection, XSS, CSRF, and others.

Set up and configure new WAF deployments, ensuring best security practices.

Implement high availability (HA) configurations to enhance reliability and failover mechanisms.

Collaborate with application development and security teams to ensure seamless integration of security measures.

Monitor and respond to WAF alerts, providing timely resolutions for security incidents.

Conduct regular audits and performance tuning of WAF configurations to optimize security and efficiency.

Work extensively with AWS services to support Barracuda WAF deployment and application hosting.

Required Skills & Experience:

3+ years of hands-on experience with Barracuda WAF and AWS WAF.

Mandatory hands-on experience with AWS in a production environment.

Strong knowledge of HTTP/S protocols, session management, and web traffic analysis.

Experience in writing WAF rules (custom rules, rate limiting, bot protection, etc.).

Understanding of OWASP Top 10 security risks and mitigation techniques.

Expertise in troubleshooting application security issues using logs, packet captures, and debugging tools.

Experience in configuring high availability (HA) and disaster recovery (DR) solutions for WAF environments.

Familiarity with cloud security best practices, particularly within AWS.

Strong analytical and problem-solving skills.

Knowledge of endpoint security is an added advantage.

Excellent communication and documentation skills.

Preferred Qualifications:

Certifications such as AWS cloud certificate (any), Barracuda WAF Certified Engineer

Hands-on experience with SIEM tools (Splunk) and integrating WAF logs for monitoring.

Knowledge of API security and protection strategies.

Thanks & Regards,

Ramya.R

Talent Acquisition Executive

_______________________________________

Idexcel Technologies Pvt Ltd

An ISO 27001: 2022 certified Organization

Crystal Plaza, 9-11, Bhuvanappa Layout, Hosur Main Road, Bengaluru - 560029

080-2550 8830 / M: 7019642915

ramya.r@idexcel.com

http://www.idexcel.com