Contract_WAF Migration Engineer_Bangalore/Hyderabad(Hybrid)

World Wide Technology (WWT), a 36-year-old global technology solutions provider specializing in systems integration, Infra-Cloud security, application development, AI Services, and supply chain solutions. With a workforce of 10,000+ employees and strategic partnerships with leading OEMs such as Cisco, Dell EMC, Microsoft, and NVIDIA, WWT delivers cutting-edge infrastructure, cloud, security, and custom application services to clients across 35 countries. Our Advanced Technology Centers (ATCs)—lab setup environments spanning over one million square feet of world-class integration and distribution space enable us to deliver unmatched value and innovation at scale. Recognized as one of the Best Places to Work by Glassdoor and Fortune for 14 consecutive years, WWT is also ranked #6 on India's Great Place to Work list for 2025.

World Wide Technology Holding Co, LLC. (WWT) currently has an exciting opportunity available for the role of F5 WAF to Cloudflare WAF Migration Engineer .If you are interested in this opportunity, please respond with an updated resume and the required details at the bottom of this email.

This is a contract Role & we use a global payroll partner to manage payroll for all contract opportunities with us. A proper background verification of past employments, criminal checks would be done for onboarding to any opportunity with WWT.

Role: F5 WAF to Cloudflare WAF Migration Engineer

Support the transition of application-layer perimeter protections from F5

ASM/Advanced WAF to Cloudflare WAF, including discovery, policy translation, testing,

phased cutover, and safe decommissioning of legacy WAF components.

Key responsibilities

• Assess current F5 ASM/Advanced WAF policies per application (profiles,

signatures, exceptions, IP intelligence, rate limits) and establish a migration

backlog.

• Translate F5 WAF protections to Cloudflare WAF constructs (managed rulesets,

custom rules/expressions, rate limiting, IP/Geo/ASN controls, bot protections if

licensed).

• Define test strategy and success criteria (false positives/negatives,

performance/latency, functional validation) and support test execution with

application teams.

• Support cutover activities: DNS and certificate readiness, allow lists, origin

protections, and rollback planning; execute phased migrations with change

control.

• Triage and tune Cloudflare WAF to reduce false positives while maintaining risk

coverage; document exceptions and compensating controls.

Information Classification: Limited Access

• Establish logging/telemetry for WAF events and integrate with SIEM; define

runbooks for operations.

• Support decommissioning of F5 WAF components where applicable, ensuring

auditability and controlled risk acceptance for any residual items.

Required skills and experience

• Hands-on F5 ASM/Advanced WAF experience (policy creation, signature tuning,

exceptions, attack types, learning/positive security where used).

• Hands-on Cloudflare WAF delivery experience (managed rulesets, custom

rules/expressions, rate limiting, logging/analytics).

• Strong knowledge of web security and OWASP Top 10; ability to manage false

positives/negatives during migrations.

• Solid HTTP/S and TLS fundamentals (certificates, SNI, header behaviour, reverse

proxy patterns).

• Cutover planning and change management for internet-facing services (rollback

approach, communications, stakeholder coordination).

• Logging/observability experience and SIEM integration for WAF/security

telemetry.

Preferred (nice to have)

• Experience with Cloudflare Logpush/analytics and operationalising WAF

monitoring in a SOC model.

• Automation/configuration-as-code experience for Cloudflare and/or F5

(Terraform, Ansible, CI/CD).

• API security and bot management patterns (if in scope/licensed).

• Experience with origin-protection patterns (mTLS, allow listing, authentication at

the edge) to reduce bypass risk post-migration.