WAF security Engineer - London, United Kingdom - Infoplus Technologies UK Limited

Description

Job Description

Job Spec:

Mandatory Skills - Web App Firewall F5 BIG-IP ASM

Additional Skills - Python Scripting

Handson Azure along with F5 or AkamaiTechnical

Skills & Experience:

1. Strong experience with multiple WAF solutions for edge, cloud, and on-premise

2. Strong experience with cloud services and their WAF controls, ideally including one or more of the following: AWS, Azure, and GCP

3. Strong understanding of Web Application security attack methods and mitigations

Proficiency in WAF tuning and configuration, coupled with a strong foundation in web security principles and

4. practices.

5. Develop custom WAF rules and features, addressing gaps and enhancing overall security measures

6. Capability to design and implement bespoke WAF processes and documentation, underpinned by a thorough understanding of web application security.

7. Analytical skills to review and align platforms with MVP and Baseline Configurations, leveraging a deep knowledge of WAF functionalities and limitations.

8. Providing DevSecOps pipeline maintenance support for the automation works Familiarity with IDAM protocols and access control measures for WAF management, informed by strong web security knowledge.

Understanding of HTTPS inspection, including Termination and Certificate management, grounded in robust web security practices.

9. Experience in rate limiting techniques and their integration into security configurations

10. Experience of version control and update mechanisms for WAF solutions

11. Competency in identifying and documenting platform and organizational logging options, with a focus on security implications and cloud environments.

12. Experience interfacing with SOC during WAF related security incidents

13. General connectivity / network issue management / service management experience