Web Application Firewall (WAF) Engineer

Job Summary:

Role:WAF - L2 Engineer

Experience: 3 to 6 years in Network Security

Location: Mumbai

OEM Expertise: F5 or Imperva

The WAF - L2 Engineer is a critical role within our Network Security team, responsible for managing and optimizing Web Application Firewall (WAF) solutions. The ideal candidate will bring 3 to 6 years of network security experience, with a specific focus on WAF management. This position is based in Mumbai and requires a strong technical background, excellent problem-solving skills, and the ability to work in a dynamic, fast-paced environment. The WAF - L2 Engineer will ensure the security and integrity of our network infrastructure, support incident response efforts, and collaborate with various teams to maintain high service levels.

Responsibilities:

• Manage and optimize Web Application Firewall (WAF) solutions.
• Integrate WAF solutions with various management and authentication tools such as email, AD, IAM, and SIEM.
• Automate processes using scripting and SOAR tools.
• Manage policies, exceptions, and perform packet capture, analysis, and troubleshooting.
• Oversee incident, problem, service request, change, configuration, and capacity management of WAF setups.
• Proactively use network monitoring tools to isolate events before service degradation.
• Support incident monitoring and analysis/response initiatives.
• Troubleshoot network issues across OSI Model layers 1, 2, and 3.
• Conduct daily performance checks, periodic audits, and ensure compliance.
• Perform immediate troubleshooting for network outages.
• Implement and maintain network security policies, standards, and procedures.
• Deploy and maintain access and security policies for WAF solutions.
• Maintain service levels and oversee the 24/7 configuration, administration, and monitoring of network security infrastructure.
• Coordinate with OEMs for TAC support, RMA, replacement, and reconfiguration of WAF.
• Create technical documentation, network diagrams, inventory control, and security documentation.
• Collaborate with helpdesk, IT support, and application support teams for high-priority incident resolution.
• Investigate, isolate, and resolve WAF incidents, providing Root Cause Analysis (RCA).
• Design and implement WAF solutions for Data Centers (DC), Disaster Recovery (DR), Cloud, and Branch office environments.
• Develop SOPs, Run books, and update knowledgebase in ITSM tools.
• Automate and integrate tools with REST API/SDK for security dashboards and InfoSec tools (AD, IDAM, PAM, SIEM, SOAR).
• Ensure compliance with audit points and timelines.
• Perform patch updates and upgrades per compliance and audit requirements.
• Lead and mentor L1 & L2 engineers.
• Analyze packet captures using tools like Wireshark/Pcap.
• Ensure timely closure of tickets within SLA and follow up on escalated tickets.
• Prepare SLA reports for respective technology.

Required Skills:

• Proficiency in managing WAF solutions such as F5 or Imperva
• Experience in Windows, Linux, Unix environments.
• Hands-on experience in commissioning, implementation, and integrating WAF solutions.
• Strong scripting and process automation skills.
• Experience in policy and exception management.
• Proficiency in packet capture, analysis, and troubleshooting tools.
• Incident and problem management skills.
• Strong verbal and written communication skills.
• Demonstrated ability to manage, analyze, and solve complex issues.
• Ability to lead and mentor a team of engineers.