Role Overview
We are seeking an experienced SOC L2 Analyst with strong hands-on experience working with Akamai security solutions (WAF, Bot Management, DDoS protection, edge security). The ideal candidate will investigate and respond to security events, tune and manage Akamai policies, onboard and document web applications, and collaborate with application and infrastructure teams to reduce risk and false positives.
Key Responsibilities:
- Monitor, investigate, and respond to security alerts related to Akamai WAF, Bot Management, and DDoS protections.
- Triage incidents, perform root-cause analysis, and escalate/coordinate remediation with application and infrastructure teams.
- Configure, tune and maintain Akamai Web Application Firewall (WAF) rules and policies to balance protection and availability.
- Manage Bot Management policies: classify bot traffic, tune bot scores, and update allow/block/reputation lists.
- Oversee Akamai edge configurations and ensure correct deployment of security rules across environments.
- Conduct periodic reviews of firewall and WAF rule efficacy, fine-tuning to reduce false positives and coverage gaps.
- Participate in attack simulation exercises (DDoS, bot attacks) and validate detection/mitigation.
- Onboard new applications to Akamai: capture app details, perform fingerprinting/behavior baselining, and implement protection profiles.
- Document application-specific WAF policies, response runbooks, and communicate changes to stakeholders.
- Maintain logs, reports, and KPIs (incidents resolved, mean time to detect/mitigate, false-positive rate).
- Stay current with threat actor techniques, bot ecosystem trends (good vs bad bots), and Akamai feature updates.
Required Skills & Knowledge:
- Proven hands-on experience with Akamai security products (Edge, Kona Site Defender / WAF, Bot Manager, DDoS protection).
- Strong understanding of web application firewalls (WAF): rule sets, custom rules, signatures, false-positive tuning.
- Solid knowledge of firewall types (network / next-gen firewalls, application firewalls) and how they differ from WAFs.
- Experience dealing with DDoS detection & mitigation workflows and Akamai DDoS capabilities.
- Deep understanding of bots: what bots are, differentiation between good and bad bots, and common bot behaviours.
- Familiarity with bot categorization and scoring mechanisms (how Akamai assigns bot scores, where scores/policies are managed and adjusted).
- Experience in bot mimicry / bypass testing and knowledge of defensive countermeasures (ethical testing only).
- Ability to document and explain differences between tarpitting vs blocking, and implement tarpitting where appropriate.
- Experience onboarding applications to Akamai: application discovery, configuration, fingerprinting, and baseline creation.
- Strong incident documentation and communication skills able to create clear WAF/application runbooks and stakeholder updates.
- Familiarity with fingerprinting techniques (e.g., device/fingerprints used for bot identification clarify company naming if Ge3 Fingerprinting is proprietary).
- Good Linux, networking (HTTP/S, TLS, TCP/IP), and log analysis skills.
- Experience with SIEMs, HTTP access logs, and analytics tools to support investigations.
Preferred Qualifications:
- Bachelor's degree in Computer Science, Information Security, or related field.
- Certifications such as GIAC/GSEC/GCIH, CCNA/CCNP, or Akamai Certified Professional (if available).
- Prior experience in an enterprise SOC or managed security services.
- Familiarity with automated playbooks and orchestration tools.
Experience - 3 to 6 Years
Email your resume at [Confidential Information]
