Application Security Engineer

Role : WAF Engineer

Exp : 8 to 10years

Location : Pune / Hyderabad

Interview Mode : Virtual (Teams)

JD :

• Strong experience ideally with multiple WAF solutions including Tencent / Akamai WAF
• Strong understanding of Web Application security attack methods and mitigations
• Strong experience with enterprise scale WAF deployments and the discovery and provisioning of prerequisites such as access control, certificates, rate limiting, SIEM connectors, rule sets and features
• Proficiency in WAF tuning and configuration, coupled with a strong foundation in web security principles and practices.
• Experience in conducting educational sessions or training, with an emphasis on WAF tuning
• Capability to design and implement bespoke WAF processes and documentation, underpinned by a thorough understanding of web application security.
• Analytical skills to review and align platforms with MVP and Baseline Configurations, leveraging a deep knowledge of WAF functionalities and limitations.
• Familiarity with IDAM protocols and access control measures for WAF management, informed by strong web security knowledge.
• Understanding of HTTPS inspection, including Termination and Certificate management, grounded in robust web security practices.
• Experience in rate limiting techniques and their integration into security configurations
• Experience of version control and update mechanisms for WAF solutions
• Competency in identifying and documenting platform and organizational logging options, with a focus on security implications and cloud environments.
• Skills in designing SIEM connector options and interfacing with SIEM Teams / SOC for compliance and monitoring purposes

If you are interested, please share your updated Resume to varsha.muthukrishnan@tcs.com