Network Engineer

Web Application firewall Specialist - Lead

Education : Degree in any of IT discipline

Required Technical and Professional Expertise

Key Roles & Responsibilities:

1. WAF Policy Management:

- Create, configure, and manage F5 WAF policies to protect web applications from OWASP Top 10 vulnerabilities (e.g., SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF)).

- Develop and enforce WAF security policies, procedures, and guidelines.

2. Web Application Profile Creation and Finetuning:

- Create and configure new web application profiles to ensure optimal security and performance.

- Continuously monitor and fine-tune WAF policies to minimize false positives and false negatives.

3. OWASP Top 10 Vulnerability Management:

- Stay up-to-date with OWASP Top 10 vulnerabilities and implement necessary WAF configurations to mitigate risks.

- Collaborate with development teams to identify and remediate vulnerabilities in web applications.

4. Security Event Monitoring and Incident Response:

- Monitor WAF logs and security events to detect and respond to potential security incidents.

- Investigate and analyze security incidents, and provide recommendations for remediation.

5. Configuration Management and Version Control:

- Manage WAF configuration changes, including version control and backup/recovery procedures.

- Ensure WAF configurations are aligned with industry best practices and organizational standards.

6. Performance Optimization and Troubleshooting:

- Optimize WAF performance to ensure minimal impact on web application availability and performance.

- Troubleshoot WAF-related issues and collaborate with F5 support and development teams to resolve problems.

7. Compliance and Reporting:

- Generate WAF security reports to demonstrate compliance with regulatory requirements (e.g., PCI-DSS, HIPAA).

- Provide WAF security metrics and insights to stakeholders.

8. Collaboration and Knowledge Sharing:

- Collaborate with cross-functional teams (e.g., development, network, security) to ensure WAF integration and effectiveness.

- Share knowledge and best practices with team members and other stakeholders.

9. F5 WAF Product Maintenance and Upgrades:

- Perform F5 WAF software upgrades, patches, and configuration changes.

- Ensure F5 WAF configurations are aligned with F5 best practices and recommendations.

10. Continuous Improvement and Training:

- Stay up-to-date with F5 WAF product updates, new features, and industry trends.

- Participate in training and certification programs to maintain expertise in F5 WAF administration.

Certification

F5-301/F5-303/Other Industry leading OEM Professional level Certification

Preferred Technical and Professional Experience -

Application Centric Infrastructure (ACI) deployment and data center experience

Experience with design and implementing Software Defined Network (SDN) and large complex networks.

Experience with protocols and technologies such as, BDP, OSPF, MP-FBP EVPN, VXLAN, or VPC