8.0 - 12.0 years

0 Lacs

pune, maharashtra

On-site

You will consult with the Capability Lead to deliver Web Application and API Protection for critical applications primarily on the Akamai platform. This includes monitoring and reviewing all tuning requests, conducting detailed log analysis to identify false positives, and optimizing WAF rules for improved accuracy and performance. Additionally, you will create and maintain comprehensive documentation for WAF tuning procedures, policies, and configurations. Your responsibilities will also involve developing, testing, and recommending WAF policies and rules tailored to specific applications and environments. You will proactively assist in identifying false positives and collaborate with cross-functional teams to ensure the seamless integration of WAF solutions into existing security infrastructure. Furthermore, you will work with Application teams to enable web application protection and deliver anti-bypass protection for on-premise applications currently using Akamai. You are expected to provide recommendations for WAF configuration based on best practices and security requirements, perform regular assessments and audits of WAF configurations to ensure optimal security posture, and compliance with industry standards. This includes maintaining evidence for audit and regulatory purposes and delivering monthly and quarterly business reviews for application owners to demonstrate the effectiveness of WAF control. To stay effective in this role, you must stay updated with the latest web security threats, vulnerabilities, and trends to continually enhance WAF effectiveness. You will evaluate, design, and deliver new and alternative WAAP features and solutions to ensure the best possible protection. Your key accountabilities include ensuring alignment with the capability lead and control owner to deliver consistent WAAP policies across multiple infrastructures. You will also ensure timely and accurate review and action on all WAF tuning requests, conduct thorough log analyses to effectively identify and mitigate false positives, and maintain comprehensive and up-to-date documentation for all WAF tuning procedures, policies, and configurations. Collaboration with cross-functional teams and application teams is essential for integrating WAF solutions seamlessly into existing security infrastructure and enabling WAF protection. You will also ensure connectivity to origin servers on-premise only comes through Akamai to prevent direct-to-origin attacks. Providing expert recommendations for WAF configurations based on best practices and current security requirements, performing service reviews with accountable service application owners, and staying informed about the latest web security threats, vulnerabilities, and trends are crucial aspects of this role. Additionally, you will review existing and new solutions to deliver best-in-class protections.,

Posted 3 days ago

Apply

Security Analyst and IAM Bounteous

7.0 - 11.0 years

0 Lacs

karnataka

On-site

You should have 7 to 9 years of security experience, preferably in a matrix-driven corporate environment. Experience with WAF Operations is mandatory, and Email Security is secondary. You should have security experience with any WAF provider, including API definitions, custom rules, writing bot management rules, and analyzing traffic logs. Proven experience in troubleshooting and simulating HTTP client requests using tools like curl, postman, and HAR file analysis is required. A strong understanding of core networking concepts like TCP/IP, DNS, HTTP, proxy, load balancing, etc., is essential. Functional experience with Splunk, SIEM, or other log aggregation & analysis technologies is desired. Experience with cloud solutions such as AWS or other IaaS/PaaS/SaaS environments is a plus. You should be able to interact effectively with both technical and non-technical staff, including management and executives, and articulate technical material in business terms. A functional understanding of network controls and policies to prevent cyber threats is necessary. Familiarity with security controls like WAF tuning, Bot management, API protection, network policy governance, troubleshooting, and incident response is important. Knowledge of criminal activities and the attacks that may occur in each layer of the OSI model is preferred. You should have the ability to make information security risk determinations based on intelligence analysis and understand cyber threats, malicious cyber threat actor motivations, and capabilities relevant to regions of interest. The shift timings for this role are as follows: - Weekend Shift - Weekdays: Between 8AM to 11PM,

Posted 5 days ago

Apply

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.