Application Security Engineer

Job Description

Application Security Engineer This role has been designed as Onsite with an expectation that you will primarily work from an HPE office. Who We Are: Job Description: Within HPE, our Operations, Legal and Admin teams work across the business, providing visible accountability and measurable outcomes. With a variety of roles and responsibilities these teams really connect the dots, giving us the essential insights, support and capability to accelerate our transformation to be the world s edge to cloud company. Join us redefine what s next for you. What you ll do: Architect, deploy, and manage Web Application Firewalls (WAFs) such as F5 ASM Define custom security policies, rules, and signatures to protect against web-based attacks and zero-day exploits. Optimize WAF configurations to balance security, performance, and usability across different business applications. Integrate WAF solutions with SIEM, SOAR, and threat intelligence feeds for enhanced security monitoring. Implement DDoS mitigation strategies, bot management, and API security enforcement using WAF and supporting technologies. Work with detection engineering to monitor and analyze WAF logs, security alerts, and threat intelligence to detect and mitigate attacks. Collaborate with SOC, Incident Response, and DevSecOps teams to investigate and respond to web-based security threats. Develop automated response workflows for WAF-based threat detections using SOAR platforms. Conduct forensic analysis and tune WAF rulesets post-incident to strengthen future protections What you need to bring: Bachelors degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study Typically 5+ years of experience in cybersecurity, with 5+ years specializing in WAF and application security. Knowledge and Skills: Extensive Cyber and IT security knowledge Expertise in deploying and managing WAF technologies such as F5 ASM Strong understanding of OWASP Top 10, API Security Top 10, bot mitigation, and advanced web threats. Experience with SIEM, SOAR, and threat intelligence integrations for WAF log analysis. Strong scripting and automation skills using Python, PowerShell, Terraform, or Ansible. Deep knowledge of TLS/SSL encryption, JWT, API gateways, and Zero Trust principles. Strong analytical, problem-solving, and communication skills. Understanding of Cyber and IT security risks, threats and prevention measures Additional Skills: Accountability, Accountability, Action Planning, Active Learning (Inactive), Active Listening, Agile Methodology, Bias, Business, Coaching, Creativity, Critical Thinking, Cybersecurity, Data Analysis Management, Data Collection Management (Inactive), Data Controls, Design Thinking, Development Methodologies, Empathy, Follow-Through, Growth Mindset, Implementation Methodologies, Infrastructure Design, Intellectual Curiosity (Inactive), Long Term Planning, Managing Ambiguity {+ 4 more} What We Can Offer You: Health Wellbeing We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing. Personal Professional Development We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have whether you want to become a knowledge expert in your field or apply your skills to another division. Diversity, Inclusion Belonging We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know diverse backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. Lets Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE. #india #legalandadmin Job: Information Technology Job Level: TCP_04 Hewlett Packard Enterprise is EEO F/M/Protected Veteran/ Individual with Disabilities. HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.