WAF Specialist

Role Description :

The WAF Specialist will be responsible for the design, implementation, and ongoing management of Web Application Firewall (WAF) solutions, with a focus on Akamai and other cloud-based security platforms. This role involves proactive threat detection, rule creation, traffic analysis, and collaboration with cross-functional teams to ensure robust application security. The candidate should be adaptable, detail-oriented, and capable of leading initiatives independently while supporting day-to-day operations.

Additional Information : Should be open to work in shifts.

Key Responsibilities-WAF

Design and implement custom WAF rules, including traffic filtering based on headers, IPs, and user-agent strings.

Monitor WAF dashboards for threat detection and mitigation.

Analyze and respond to security incidents related to web applications.

Collaborate with application and infrastructure teams to fine-tune WAF policies.

Perform regular rule audits and updates based on evolving threat landscapes.

Manage WAF configurations and ensure alignment with security best practices.

Participate in change management and incident response processes.

Coordinate with vendors like Akamai, Imperva, and Cloudflare for support and enhancements.

Conduct performance tuning and ensure minimal false positives.

Assist in vulnerability mitigation and patching efforts.

Document WAF configurations, rule sets, and operational procedures.

CDN

Configure and manage Akamai CDN services including caching, delivery, and security features.

Monitor CDN performance and availability using Akamai Control Center and analytics tools.

Troubleshoot delivery issues and coordinate with Akamai support for resolution.

Collaborate with application teams to optimize content delivery and reduce latency.

Manage Akamai property configurations and version control.

Participate in change management and incident response processes.

Perform regular audits of CDN configurations and access controls.

Document CDN configurations, policies, and operational procedures.

Essential Skills Required :

Strong experience with Akamai Kona Site Defender, Imperva WAF, Cloudflare WAF, or similar platforms.

Hands-on experience in creating and managing custom WAF rules.

Familiarity with OWASP Top 10 vulnerabilities and mitigation strategies.

Knowledge of HTTP / S protocols, headers, cookies, and web traffic patterns.

Experience with DDoS protection, bot mitigation, and API security.

Understanding of networking fundamentals (TCP / IP, DNS, routing, switching).

Ability to analyze logs and packet captures for threat investigation.

Experience with SIEM tools and integration with WAF platforms.

Exposure to Zscaler, Netskope, and other cloud security solutions is a plus.