WAF Imperva L1 Engineer

Job Overview

We are seeking a proactive and detail-oriented Imperva Cloud WAF (CWAF) L1 Engineer to support 24x7 security operations. The role involves real-time monitoring of the Imperva Cloud WAF platform, incident response, basic troubleshooting, and coordination with internal teams and vendor support.

The ideal candidate should have strong networking fundamentals, a basic understanding of web security concepts, and the ability to operate efficiently in a shift-based environment. This role is critical in ensuring application availability, security posture, and timely incident resolution.

Key Responsibilities

1. Operations (24x7)

• Monitor Imperva Cloud WAF dashboards, alerts, and security events round the clock.
• Perform shift-based health checks and proactive monitoring activities.
• Respond to alerts, incidents, and service requests within defined SLAs.
• Ensure service availability and quick response to anomalies.

2. Incident & Ticket Management

• Raise, update, and track incidents, service requests (SRs), and change requests in the ticketing tool.
• Perform initial troubleshooting (policy blocks, false positives, traffic anomalies, etc.).
• Escalate complex technical issues to L2/L3 support teams when required.
• Maintain accurate documentation and ensure structured shift handover notes.

3. Application & Security Support

• Support onboarding of new applications onto Imperva CWAF.
• Assist in DNS cutover, policy attachment, and basic rule configuration.
• Validate application accessibility and security posture after changes.
• Coordinate with Network, DNS, and Application teams for smooth implementation.

4. Vendor Coordination (TAC)

• Raise and manage support cases with Imperva TAC.
• Share relevant logs, traffic captures, and configuration details as required.
• Track case progress and provide timely updates to stakeholders until closure.

5. SOP & Documentation

• Follow approved SOPs for operations and incident management.
• Update runbooks, onboarding documentation, and inventory records.
• Maintain detailed documentation of operational activities and changes.

Required Skills

• Strong fundamentals in Networking (IP, TCP/IP, DNS, HTTP/HTTPS).
• Basic understanding of WAF concepts and OWASP Top 10 vulnerabilities.
• Knowledge of CDN, reverse proxy, and SSL/TLS concepts.
• Understanding of HTTP response codes and web traffic behavior analysis.
• Basic troubleshooting using browser developer tools and log analysis.
• Familiarity with NOC processes and monitoring tools.
• Good communication and coordination skills.