WEB Application Firewall (WAF) Engineer

About Role

We are seeking a skilled Web Application Firewall (WAF) Engineer to join our security team. Candidate for this role is in charge for safeguarding our web applications and APIs by deploying, configuring, and maintaining modern WAF solutions. The ideal candidate must have theoretical and hands-on experience with both cloud-native WAF services (such as AWS WAF, Azure WAF, GCP Cloud Armor) and edge WAF solutions such as Cloudflare.

WAF Management & Configuration :

• Deploy, configure, and tune WAF policies and rules across multiple environments (different applications for different brands).

• Implement custom rules to mitigate emerging security threats, bot attacks or API vulnerabilities.

• Partner with developers/application teams to align WAF rules with business requirements.

• Integrate WAF solutions with SIEM or other monitoring systems for real-time visibilityand reporting.

• Investigate and resolve issues related to WAF functionality, performance, and traffic flow and support developers and DevOps teams in troubleshooting blocked traffic and false positives.

Security Operations

• Create meaningful alerts to trigger when a specific incident or changes in traffic pattern is happening.
• Monitor WAF logs and alerts to detect and respond to suspicious activity. • Continuously update rule sets to adapt to emerging threats.
• Conduct periodic audits to ensure WAF coverage and compliance with security policies.

Collaboration & Documentation

• Maintain clear documentation of WAF policies, configurations, and troubleshooting guides.
• Collaboration with other colleagues in Security Operation Center and Network

WHO ARE WE LOOKING FOR:

• Strong understanding of HTTP/S protocols, web application/API architecture, and common web application/API attack and defense mechanism.
• Proven experience managing and troubleshooting WAF solutions (Cloudflare, AWS WAF, Azure WAF, or similar).

• Familiarity with API security, CDN integrations, and bot management solutions.

• Experience in log management solutions (e.g., Splunk, ELK, OpenSearch etc.) and integrating WAF logs into other platforms.
• Working knowledge of DevOps best practices (CI/CD pipelines, Infrastructure as Code, Terraform/CloudFormation preferred).

• Programming skills (Python, JavaScript etc.) for creating automation workflows or relevant applications to facilitate the day to day tasks.

• Strong analytical and problem-solving skills with the ability to work in high-pressure environments.

GOOD TO HAVE

• Security relevant certifications such as AWS Security Specialty, Cloudflare Certified Expert, CEH, or CISSP.

WHAT WE OFFER

• A young, dynamic, and innovation-oriented environment

• A wide variety of projects within different industries

• A very open and informal culture where knowledge sharing, and employee development are key.

• Room for personal initiative, development, and growth

• Realistic career opportunities

• Competitive package and fringe benefits.

HOW TO APPLY

mgundala.ext@nemetschek.com