WAF Technical specialist

Job Description

Role : WAF Technical Specialist - Application Security

Description:

Airbus is on its Digital journey and the objective is to transform the company and to prepare it for the

future. This transformation includes new global governance, new ways of working and the

implementation of digital business services and platforms. As a part of this transformation journey we

have set up a GIC in the silicon valley of India - Bangalore. This state of the art GIC is responsible for

driving excellence in IT and OT for Airbus.

Challenges are numerous and exciting.!

What is the Airbus Application Security team doing

Security for Applications is designed to strengthen Airbus applications against evolving threats, reduce

vulnerabilities and de-risk them by applying all the necessary security controls.

Your role as a WAF Solution Engineer is to support the overall management of Airbus Web Application

Firewall in the context of the Application Security and Secure Development and Operations of Software

Applications. Your role is key as you contribute to the overall performance and success of Airbus Digital

Security Posture.

Qualification & Experience:

We seek out curious minds! We value attention to detail! And we care deeply about outcomes!

We're looking for passionate people, who are eager to learn, willing to share, and establishing innovative

ways of working and influencing cultural changes

Bachelor or masters in Computer Science, Engineering, or related field would be preferred

5 to 8+ years of relevant experience as a WAF Engineer / Application Security Specialist

Hands-on experience in management, deployment and operation of Web Application Firewall technologies

(Specially Imperva WAF)

Strong understanding of a large range of security topics from Hardware systems, O.S. (Linux),

Applications, IAM, Networks, Database to Encryption and new age Digital capabilities

In-depth knowledge of common application security vulnerabilities: OWASP Top 10, SANS Top 25 and their

mitigation controls & strategies

Knowledge of monolithic & microservices application architecture and knowledge of common

web application frameworks

Good to have relevant industry certifications: CCNA, CISSP, OSCP, CompTIA Security+ etc.

Proven ability to prioritise workload, meet deadlines, and utilise time effectively

A team player with excellent interpersonal, communication and negotiation skills

Knowledge of Agile frameworks: SAFe, Scrum, Kanban is an added advantage

Responsibilities

As a WAF Solution Engineer with our Application Security team, you will work on the following activities:

Secure deployment and configuration of the WAF solutions to protect Airbus web applications

from common vulnerabilities, DDoS attacks, and other malicious activities

Analyze detection patterns and contribute towards fine-tuning of the WAF detection capabilities Automate WAF rule management and reporting, ensuring ongoing optimization and integration with

security monitoring tools like SIEM

Support in the implementation of WAF solutions for Airbus roofs (Airbus regional offices outside

core countries)

Coordinate with Security architects and Application owners to ensure on-boarding of their web

applications into WAF services

Connect and collaborate with the Vulnerability management, Critical asset protection & Business

teams to manage WAF non-compliances and enable remediation

Provide recommendations, support and guidance to other security team and application owners

on WAF services

Build integrated dashboards that measure the progress of WAF deployment and WAF service key

performance indicators (KPIs)

Ensure close alignment with the Application Security Product Manager /Owners on strategies &

roadmap

The candidate will also support the control of financial aspects of the WAF services and acting as

an interface with the Airbus subcontractors that provide the WAF services

Participate in Security threat and monitoring forums to learn and stay abreast on latest security

trends, threats, and vulnerabilities, continually building knowledge in the cyber threat

landscapes and good practices

Participate in workshops, training, certifications & security conferences to enhance skills in Cyber

Security Benefits

You will be part of a truly international team

Travel opportunities (domestic and international)

Competitive remuneration, bonus and incentives

Good work / life balance and career growth opportunities

Training and development opportunities (online, classroom, conferences)

Comprehensive benefits package (complementary health and life insurance)

Success Metrics

Success will be measured in a variety of areas, including but not limited to

Consistently ensure the on-time delivery and quality (first-time-right) of the projects

Bring innovative cost effective solutions