For International Trade And Development Company
8 - 12 Years
Full Time
Up to 45 Days
Up to 33 LPA
2 Position(s)
Pune, Hyderabad
8 - 12 Years
Full Time
Up to 45 Days
Up to 33 LPA
2 Position(s)
Pune, Hyderabad
Posted By : Rarr Technologies Pvt Ltd
We are looking for a skilled WAF Engineer with hands-on experience in Akamai Web Application Firewall (WAF) to help protect our mission-critical applications. The ideal candidate will be responsible for tuning, managing, and enhancing our Web Application and API Protection (WAAP) capabilities across cloud and on-premise environments.
Key Responsibilities:
Work closely with Capability Leads to deliver Web Application and API Protection (WAAP), primarily using Akamai.
Review and act on WAF tuning requests in a timely and accurate manner.
Conduct in-depth log analysis to identify false positives and optimize WAF rules for accuracy and performance.
Develop, document, and maintain WAF policies, tuning procedures, and configurations.
Design, test, and recommend application-specific WAF policies and rule sets.
Collaborate with application and infrastructure teams to integrate WAF solutions seamlessly.
Implement anti-bypass protection for on-premise applications via Akamai.
Provide WAF configuration recommendations based on best practices and business security requirements.
Perform regular assessments and audits to ensure optimal security posture and compliance.
Maintain audit and compliance documentation as per regulatory needs.
Deliver monthly/quarterly reviews to application owners demonstrating WAF effectiveness.
Stay current with latest web security threats, vulnerabilities, and trends.
Evaluate, design, and recommend new WAAP solutions to enhance protection capabilities.
Key Accountabilities:
Align WAAP policies across multi-infrastructure environments with capability lead and control owners.
Conduct thorough log analysis to mitigate false positives and fine-tune WAF.
Proactively enhance WAF accuracy and effectiveness.
Ensure WAF traffic enforcement such that origin servers are only accessible via Akamai (preventing direct-to-origin attacks).
Regularly review and optimize WAF rule sets for existing and new applications.
Participate in service reviews with application owners to assess WAF performance and protection level.
Continuously research and implement improvements based on evolving security landscapes.