. Web Application Firewall (WAF) Expertise

Strong experience in API and web application security.

Proficient in WAF management, tuning, and log analysis.

Hands-on experience with the implementation and administration of WAF solutions, preferably:

Akamai

F5

Cloud-based WAF solutions

Familiarity with OWASP Top 10 vulnerabilities and remediation strategies.

2. Technical Skills & Responsibilities

Extensive experience in:

DevOps practices

API security

CI/CD pipeline integration

Proficient with tools such as:

Splunk

Wireshark

Custom scripting for log analysis

Skilled in identifying and mitigating false positives to enhance WAF performance.

Experienced in documenting:

WAF tuning procedures

Security policies

Configuration standards

Capable of developing and executing testing packages to validate:

WAF proof of concept (PoC)

Managed rules

Custom rule effectiveness

3. Soft Skills & Stakeholder Management

Provides SME-level consultation on:

Web and API-based attack methodologies

Evasion techniques

Keeps current with the latest web security threats and protection strategies.

Strong communication skills with the ability to:

Collaborate across internal and external teams

Lead cross-functional security initiatives

4. Education and Professional Background

Formal education or equivalent professional experience in:

Information Security

Cybersecurity

Computer Science

5. Candidate Availability

Available to join within 15–30 days.

Currently serving a notice period ranging from 30 to 45 days.

6. Additional Technical Skills (Good to Have)

Experience in:

SOC (Security Operations Center)

CSIRT (Computer Security Incident Response Team)

Application Security (AppSec)

Ethical Hacking

Knowledge of:

DevSecOps methodologies

Security testing

Regular WAF configuration assessments and audits