Web Application Firewall

Job Position : Web Application Firewall

Experience: 4-7

Location : Chennai

Role & responsibilities

Key Responsibilities

WAF Management

• Design, deploy, and manage WAF solutions (e.g., AWS WAF, Cloudflare WAF, F5 Advanced WAF, Imperva WAF)
• Configure and fine-tune WAF rules to mitigate threats like:
• SQL Injection
• Cross-Site Scripting
• CSRF
• Monitor WAF logs, alerts, and dashboards for suspicious activity
• Reduce false positives/negatives and optimize rule performance

Application Security

• Perform vulnerability assessments and penetration testing (VAPT)
• Identify and remediate issues aligned with OWASP Top 10
• Conduct secure code reviews for web applications (Java, Python, Node.js, etc.)
• Integrate security tools into CI/CD pipelines (DevSecOps practices)
• Work closely with developers to fix vulnerabilities

Security Operations

• Analyze security incidents and respond to application-layer attacks
• Collaborate with SOC teams for threat monitoring and incident response
• Generate reports on vulnerabilities, incidents, and risk posture
• Maintain compliance with standards like:
• ISO 27001
• PCI DSS

Tools & Technologies

• WAF tools: AWS WAF, Cloudflare, F5, Imperva
• Security testing tools: Burp Suite, OWASP ZAP, Nessus
• SIEM tools: Splunk, IBM QRadar
• Programming/Scripting: Python, Bash, JavaScript
• Cloud platforms: AWS, Azure, GCP

Required Skills

• Strong understanding of HTTP/HTTPS protocols and web architectures
• Hands-on experience with WAF rule creation and tuning
• Knowledge of common web vulnerabilities and exploit techniques
• Experience with API security and microservices security
• Familiarity with DevSecOps practices and CI/CD pipelines

Preferred Qualifications

• Bachelors degree in Computer Science, IT, or related field
• Certifications such as:
• CEH
• OSCP
• CISSP
• AWS Certified Security Specialty

Nice to Have

• Experience with bot protection and DDoS mitigation
• Knowledge of container security (Docker, Kubernetes)
• Experience in threat modeling and secure SDLC

Soft Skills

• Strong analytical and problem-solving skills
• Good communication and stakeholder management
• Ability to work in fast-paced environments