Job Title: SME WAF Engineer Location: Pune (Hybrid WFO) | Shift: UK Hours | Industry: Banking Experience: 8+ years overall, with minimum 6 years in WAF solution design and deployment Job Description: Seeking a Subject Matter Expert (SME) WAF Engineer to design and support enterprise-scale WAF solutions following industry best practices (MVP, OWASP, vendor standards). The role involves discovering, documenting, and delivering technical designs and automation-ready configurations for WAF deployment and audits. Responsibilities include defining baseline configuration patterns, managing access controls per IDAM policies, ensuring safe deployment models, and integrating rate-limit settings into baseline configurations. Candidate must stay updated on platform GA versions, document logging options, and ensure compliance with certification requirements. Requirements: Strong hands-on experience with multiple WAF platforms (Tencent, Akamai, etc.) In-depth knowledge of web application security attacks and mitigations Expertise in enterprise WAF deployments, rule sets, rate limiting, certificates, and SIEM integration Familiarity with IDAM and access control mechanisms.
As an SME WAF Engineer, your role will involve designing and supporting enterprise-scale WAF solutions following industry best practices such as MVP, OWASP, and vendor standards. Your responsibilities will include: - Discovering, documenting, and delivering technical designs and automation-ready configurations for WAF deployment and audits - Defining baseline configuration patterns and managing access controls per IDAM policies - Ensuring safe deployment models and integrating rate-limit settings into baseline configurations To excel in this role, you are required to have: - 8+ years of overall experience, with a minimum of 6 years in WAF solution design and deployment - Strong hands-on experience with multiple WAF platforms like Tencent, Akamai, etc. - In-depth knowledge of web application security attacks and mitigations - Expertise in enterprise WAF deployments, rule sets, rate limiting, certificates, and SIEM integration - Familiarity with IDAM and access control mechanisms Additionally, you must stay updated on platform GA versions, document logging options, and ensure compliance with certification requirements.,