Key Responsibilities:

Configuration, Monitoring & Management: Primarily focusing on Web Application Firewalls (WAF) such as F5, AWS WAF, Cloudflare, and Imperva. Installation & Troubleshooting: Hands-on experience with the installation, configuration, monitoring, and management of WAFs. Ticketing Tools: Independent handling and managing of ticketing tools like Symphony, CDC and Google Soar

Daily Tasks:

WAF Management: Configuration, updates, upgrades, and troubleshooting of WAFs. Health Checks: Conducting daily, weekly, and monthly health checks of WAFs and other network security devices. Interactions: Communicating with OEMs, vendors, partners, end users, and clients regarding WAF-related issues. Activity Updates: Keeping track of activities and updating tickets for incidents and service requests related to WAFs. Analysis & Improvement: Analysing WAF-related tickets and participating in continuous improvement activities.

Technical Skills:

WAF Configuration and Management: Proficiency in configuring, managing, and optimizing WAF solutions. Web Security Protocols: Strong understanding of HTTP/HTTPS protocols and web application communication. OWASP Top Ten: Familiarity with common web application vulnerabilities such as SQL injection and cross-site scripting (XSS). Security Policies and Rulesets: Ability to develop and enforce security policies and rulesets tailored to specific web applications. Vulnerability Testing: Experience with vulnerability testing tools and techniques to identify and mitigate security weaknesses.

Analytical Skills:

Traffic Analysis: Monitoring and analysing network traffic to detect and respond to suspicious activities. Incident Response: Conducting incident response and forensic analysis in the event of a security breach. Continuous Monitoring: Regularly monitoring WAF security logs and s to stay ahead of potential threats.

Soft Skills:

Collaboration: Working closely with development and IT teams to ensure secure application deployments. Communication: Effectively communicating with OEMs, vendors, partners, and clients regarding security issues and resolutions. Proactive Mindset: Staying updated with the latest security trends, vulnerabilities, and mitigation techniques.

Preferred Certifications:

CISSP: Certified Information Systems Security Professional CCSP: Certified Cloud Security Professional CompTIA Security+ COBIT 5 Certification Training AZ-500: Microsoft Azure Security Technologies CEH: Certified Ethical Hacker GIAC: Global Information Assurance Certification