4 Waf Solutions Jobs

As a Network Security Engineer (WAF F5) at our organization, you will be responsible for managing and maintaining WAF solutions within our network security infrastructure. With 3 to 6 years of experience in network security, including at least 3 years specifically focused on WAF solutions, you will play a key role in ensuring the security and integrity of our network. Your responsibilities will include managing WAF policies, automating processes using scripting tools, integrating WAF solutions with various management and authentication tools, and troubleshooting network issues across different layers. You will also be involved in incident and problem management, compliance audits, and maintaining access and security policies for WAF solutions. In addition, you will collaborate with OEMs for technical support, create technical documentation and network diagrams, mentor junior engineers, and ensure compliance with the bank's security policies and procedures. Your ability to analyze and resolve complex issues, communicate effectively, and take ownership of technology will be crucial in this role. To be successful in this position, you should have a Product Certification as an F5 WAF Certified Professional, hands-on experience in commissioning and implementing WAF solutions, and proficiency in working with Windows, Linux, and Unix environments. Experience with network monitoring tools, packet capture analysis, and security dashboard tools will also be beneficial. If you have a passion for network security, a proactive approach to problem-solving, and a commitment to excellence, we encourage you to apply for this exciting opportunity. Join us in ensuring the security and reliability of our network infrastructure while working in a dynamic and rewarding environment. This is a full-time position based in Navi Mumbai, Maharashtra, requiring in-person work during day shifts. We offer a competitive salary, performance bonuses, and opportunities for professional growth and development. If you meet the qualifications and are ready to take on this challenging role, we look forward to receiving your application.,

Role : WAF Engineer (F5/ Radware) Experience : 3 to 6 years in Network Security Location : Navi Mumbai, Noida The WAF - L2 Engineer is a critical role within our Network Security team, responsible for managing and optimizing Web Application Firewall (WAF) solutions. The ideal candidate will bring 3 to 6 years of network security experience, with a specific focus on WAF management. This position is based in Mumbai and requires a strong technical background, excellent problem-solving skills, and the ability to work in a dynamic, fast-paced environment. The WAF - L2 Engineer will ensure the security and integrity of our network infrastructure, support incident response efforts, and collaborate with various teams to maintain high service levels. Responsibilities : Manage and optimize Web Application Firewall (WAF) solutions. Integrate WAF solutions with various management and authentication tools such as email, AD, IAM, and SIEM. Automate processes using scripting and SOAR tools. Manage policies, exceptions, and perform packet capture, analysis, and troubleshooting. Oversee incident, problem, service request, change, configuration, and capacity management of WAF setups. Proactively use network monitoring tools to isolate events before service degradation. Support incident monitoring and analysis/response initiatives. Troubleshoot network issues across OSI Model layers 1, 2, and 3. Conduct daily performance checks, periodic audits, and ensure compliance. Perform immediate troubleshooting for network outages. Implement and maintain network security policies, standards, and procedures. Deploy and maintain access and security policies for WAF solutions. Maintain service levels and oversee the 24/7 configuration, administration, and monitoring of network security infrastructure. Coordinate with OEMs for TAC support, RMA, replacement, and reconfiguration of WAF. Create technical documentation, network diagrams, inventory control, and security documentation. Collaborate with helpdesk, IT support, and application support teams for high-priority incident resolution. Investigate, isolate, and resolve WAF incidents, providing Root Cause Analysis (RCA). Design and implement WAF solutions for Data Centers (DC), Disaster Recovery (DR), Cloud, and Branch office environments. Develop SOPs, Run books, and update knowledgebase in ITSM tools. Automate and integrate tools with REST API/SDK for security dashboards and InfoSec tools (AD, IDAM, PAM, SIEM, SOAR). Ensure compliance with audit points and timelines. Perform patch updates and upgrades per compliance and audit requirements. Lead and mentor L1 & L2 engineers. Analyze packet captures using tools like Wireshark/Pcap. Ensure timely closure of tickets within SLA and follow up on escalated tickets. Prepare SLA reports for respective technology. Required Skills: Proficiency in managing WAF solutions. Experience in Windows, Linux, Unix environments. Hands-on experience in commissioning, implementation, and integrating WAF solutions. Strong scripting and process automation skills. Experience in policy and exception management. Proficiency in packet capture, analysis, and troubleshooting tools. Incident and problem management skills. Strong verbal and written communication skills. Demonstrated ability to manage, analyze, and solve complex issues. Ability to lead and mentor a team of engineers. If you are a dedicated network security professional with a passion for ensuring the safety and integrity of web applications, we encourage you to apply for this challenging and rewarding role.

As a Head of Web Application and API Protection at HSBC, you will be responsible for defining and maintaining the global strategy for Web Application Security & Protection (WASP). You will work closely with engineers, platform owners, architects, and Control Owners to ensure business success, meet regulatory expectations, and respond to evolving threat landscapes. Your role will involve owning the investment roadmap for WASP, prioritizing a common backlog to reduce risks and meet strategic needs. You will be accountable for delivering innovative and frictionless technologies and services to navigate cyber risks effectively. Collaboration with internal and external partners to develop technical solutions that meet business needs will be a key aspect of your responsibilities. Additionally, you will define, operate, and mature business services supporting the adoption and tuning of protections. Oversight of WASP end-to-end and ensuring regulatory compliance and risk management outcomes are maintained will be crucial. You will also lead and manage a team of skilled professionals, fostering a culture of empowerment, experimentation, learning, and partnership. To succeed in this role, you should have hands-on experience in designing and implementing web application protection strategies, a robust understanding of industry cybersecurity frameworks, and expertise in web application and API security. Strong analytical skills, experience in technology leadership roles, and knowledge of risk and control management frameworks are essential for this position. Joining HSBC as the Head of Web Application and API Protection will provide you with the opportunity to make a significant impact in maintaining a secure technology and data infrastructure. If you are looking to further develop your career in cybersecurity and technology leadership, HSBC is the place for you. For more information and to explore career opportunities at HSBC, visit www.hsbc.com/careers. Please note that personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, available on our website.,

Role & responsibilities Identification and crafting of complex custom WAF rules & features to mitigate MVP and security posture gaps Crafting efficacy testing for baseline & custom rules and features and integrating testing in the automation pipelines Providing SME support for other security testing such as WAF PoCs, new features and solutions with a potential cost saving if we use in-house resource instead of 3rd party vendors Providing WAF focused SME support and advice on Web & API based attack methodologies, evasions and mitigation techniques Providing DevSecOps SME & pipeline build support for the automation works Monitor and review all tuning requests. Conduct detailed log analysis to identify false positives and optimize WAF rules for improved accuracy and performance. Create and maintain comprehensive documentation for WAF tuning, tuning procedures, policies, and configurations. Develop, test, and recommend WAF policies and rules tailored to specific applications and environments. Proactively assist with identifying false positives Collaborate with cross-functional teams to ensure seamless integration of WAF solutions into existing security infrastructure. Provide recommendations for WAF configuration based on best practices and security requirements. Perform regular assessments and audits of WAF configurations to ensure optimal security posture and compliance with industry standards. Stay updated with the latest web security threats, vulnerabilities, and trends to continually enhance WAF effectiveness Preferred candidate profile Extensive experience in WAF management, tuning, and engineering, with a strong understanding of web application security principles. Proven track record of proactively identifying and mitigating false positives to optimize WAF performance. Background in SOC or CSIRT and AppSec or Ethical Hacking, demonstrating hands-on experience for the key responsibilities Proficiency in log analysis tools and techniques, with the ability to identify patterns and anomalies in web traffic Experience with tools such as Splunk, Wireshark, or custom scripts to process and analyze logs. Experience with at least three major WAF solutions (e.g., Akamai, F5, AWS, GCP) and an understanding of their unique configurations and capabilities. Strong analytical and problem-solving skills, with a keen attention to detail. Excellent communication skills, capable of articulating complex security concepts to technical and non-technical stakeholders. Ability to develop, test, and recommend WAF policies and rules tailored to specific applications and environments. Experience collaborating with cross-functional teams to integrate WAF solutions into existing security infrastructure. Competence in maintaining comprehensive documentation for WAF tuning procedures, policies, and configurations. Extensive experience in configuring WAF solutions to align with best practices and security requirements. A proactive, detail-oriented individual who thrives in a dynamic, fast-paced environment and stays updated with the latest web security threats and trends.