- 经验
- 5–10 yrs
- 薪水
- —
- 职位空缺
- 1
- 发布
- 2小时前
- Work mode
- 在办公室
- 学历
- Any graduate
- Eligibility
- Any graduate can apply, including B.Tech/B.E. candidates from any specialization.
- Resume
- Required to apply
Where you'll work
职位描述
About the Role
This position focuses on building, tuning, and maintaining cloud web application firewall controls that protect applications from attacks while keeping legitimate traffic moving smoothly. The role calls for close attention to false positives, rule quality, and operational stability across cloud environments.
Key Responsibilities
- Set up, maintain, and optimize WAF policies across cloud-based platforms.
- Deploy both vendor-managed and custom rule sets that follow OWASP guidance and internal security baselines.
- Review WAF alerts and logs to lower false alarms and improve detection precision.
- Handle exclusions, allowlists, and rule adjustments as needed.
- Prevent known indicators of compromise, including malicious IPs, domains, and URLs, at the WAF layer.
- Support response and investigation efforts when web applications are targeted.
- Test new policies and rules before release to reduce risk.
- Check application impact to ensure changes do not disrupt business services.
- Investigate issues such as blocked traffic, connection failures, and performance slowdowns.
- Perform root-cause analysis and suggest corrective measures.
- Work with DevOps and application teams during secure onboarding.
- Assist with integrations involving API gateways, CDNs, and load balancers.
- Make sure all controls meet security standards and compliance expectations.
- Keep clear documentation, change records, and audit-ready evidence.
Experience and Technical Background
Applicants should have 5 to 10 years of experience in network security or application security, with practical enterprise-level exposure to WAF platforms.
Strong working knowledge is expected across cloud WAF tools such as Azure WAF, AWS WAF, Cloudflare, Imperva, and F5. The role also requires a solid grasp of HTTP and HTTPS, request and response headers, cookies, reverse proxy flow, application-layer attack patterns, load balancers, reverse proxies, and API gateway behavior.
Eligibility
Any graduate may apply, including candidates with a B.Tech or B.E. in any specialization.
Additional Information
Location: Hyderabad, India.