WAF Specialist

Role Description:

The WAF Specialist will be responsible for the design, implementation, and ongoing management of Web Application Firewall (WAF) solutions, with a focus on Akamai and other cloud-based security platforms. This role involves proactive threat detection, rule creation, traffic analysis, and collaboration with cross-functional teams to ensure robust application security. The candidate should be adaptable, detail-oriented, and capable of leading initiatives independently while supporting day-to-day operations.

Additional Information: Should be open to work in shifts.

Key Responsibilities-WAF

• Design and implement custom WAF rules, including traffic filtering based on headers, IPs, and user-agent strings.
• Monitor WAF dashboards for threat detection and mitigation.
• Analyze and respond to security incidents related to web applications.
• Collaborate with application and infrastructure teams to fine-tune WAF policies.
• Perform regular rule audits and updates based on evolving threat landscapes.
• Manage WAF configurations and ensure alignment with security best practices.
• Participate in change management and incident response processes.
• Coordinate with vendors like Akamai, Imperva, and Cloudflare for support and enhancements.
• Conduct performance tuning and ensure minimal false positives.
• Assist in vulnerability mitigation and patching efforts.
• Document WAF configurations, rule sets, and operational procedures.

CDN

• Configure and manage Akamai CDN services including caching, delivery, and security features.
• Monitor CDN performance and availability using Akamai Control Center and analytics tools.
• Troubleshoot delivery issues and coordinate with Akamai support for resolution.
• Collaborate with application teams to optimize content delivery and reduce latency.
• Manage Akamai property configurations and version control.
• Participate in change management and incident response processes.
• Perform regular audits of CDN configurations and access controls.
• Document CDN configurations, policies, and operational procedures.

Essential Skills Required:

• Strong experience with Akamai Kona Site Defender, Imperva WAF, Cloudflare WAF, or similar platforms.
• Hands-on experience in creating and managing custom WAF rules.
• Familiarity with OWASP Top 10 vulnerabilities and mitigation strategies.
• Knowledge of HTTP/S protocols, headers, cookies, and web traffic patterns.
• Experience with DDoS protection, bot mitigation, and API security.
• Understanding of networking fundamentals (TCP/IP, DNS, routing, switching).
• Ability to analyze logs and packet captures for threat investigation.
• Experience with SIEM tools and integration with WAF platforms.
• Exposure to Zscaler, Netskope, and other cloud security solutions is a plus.