Main responsabilities are :
Administer the WAF platform and manage transition between learn, log and blocking modes of operation as applicable.
Develop new WAF security policies and tune existing and pre-bundled WAF configurations to suit application security threat level or risk rating.
Provide level II & III support for WAF issues
Analyze alert logs and update / deploy new rules to prevent the attack as identified in the log.
Translate cyber threats and attacks to the WAF platform's capability of blocking them with a combination of policies and rulesets.
Correlate the findings of SAST and DAST scans and improve WAF rules.
Conduct security reviews of WAF rules periodically (once a year at a minimum)
Develop and maintain WAF network architecture and security design documentation
Bachelor's degree in a related field, or an equivalent combination of education and experience. Highly proficient in WAF technologies.
Highly knowledgeable in Application Security attacks and prevention mechanisms. Great understanding of OWASP top 10 and CWE top 25 risks and their mitigation techniques.
Great troubleshooting and analysis skills. English Advanced.