Web Application Firewall (WAF) Engineer – Akamai/KONA SME
Location: [Pune / Hyderabad / Trivandrum / Kochi / Bangalore / Chennai]
Department: Cybersecurity / Application Security
Required years of Experience - 7 to 12 Years
Role Overview
The Engineer – CTB will serve as the Subject Matter Expert (SME) in Web Application Firewall (WAF) technologies, supporting the design, deployment, and tuning of WAF solutions in alignment with internal Minimum Viable Product (MVP) standards, OWASP guidelines, and vendor best practices. This role will require collaboration with application, infrastructure, security, and operations teams to ensure consistent, secure, and scalable deployment of WAF across platforms.
Key Responsibilities
Design & Deployment
Provide expert-level support for WAF solution architecture and design, ensuring alignment with company MVPs, OWASP standards, and vendor best practices. Discover, document, and create technical design patterns and automation-ready configurations for WAF deployment and compliance auditing. Define baseline configuration patterns from MVP reviews across platforms. Determine technical deployment methods for custom WAF rules, exceptions, and safe ordering strategies for each platform. Design and validate secure access controls for WAF management planes as per organizational IDAM policies. Review platform-specific rate limits against MVP standards and integrate them into the baseline configuration. Establish mechanisms to track upcoming General Availability (GA) versions and platform updates.Integration & Compliance
Document available logging options for each platform and define SIEM connector integration paths aligned with company requirements. Liaise with the SIEM Team/SOC to validate WAF readiness for monitoring and logging. Ascertain ownership and process responsibilities for necessary WAF-related certifications.Tuning & Enablement
Develop tailored WAF tuning documentation and processes that align with business needs and application behavior. Conduct WAF training and awareness sessions for Application Teams. Partner with Application Teams to review and optimize WAF tuning configurations for performance and security.Governance & Documentation
Continuously review platform configurations against MVP benchmarks and correct discrepancies. Establish and document a consensus-driven Baseline Configuration that meets MVP standards. Identify WAF platform limitations and collaborate with the Risk Team and vendors to mitigate or resolve them.Ideal Candidate Profile
Required Experience & Skills
Extensive hands-on experience with multiple enterprise WAF solutions, ideally including Tencent and Akamai. Strong understanding of web application security threats and mitigation strategies (e.g., OWASP Top 10). Proven experience in large-scale WAF deployments, including prerequisite discovery and provisioning: access control, certificates, rate limiting, logging, and SIEM integration. Proficient in WAF tuning and configuration, with a deep understanding of web security principles. Demonstrated ability to design and implement tailored WAF tuning methodologies and supporting documentation. Track record of conducting WAF-related training or enablement sessions. Analytical ability to review platforms against MVP/baseline configurations, identifying gaps and opportunities for optimization. Familiarity with IDAM protocols and secure access controls for management interfaces. Experience with HTTPS inspection, including certificate management and termination processes. Strong understanding of rate limiting techniques and their role in application security. Knowledge of version control and update mechanisms for WAF platforms. Ability to design logging frameworks and SIEM connector options with focus on compliance and monitoring. Experience collaborating with SOC/SIEM teams to ensure integration readiness.Desirable Attributes
Proactive and collaborative mindset with a focus on security enablement. Strong documentation and stakeholder communication skills. Ability to balance security objectives with operational requirements and performance.