WAF L3 Engineer

Role Description

This is a full-time on-site role for a WAF L3 Engineer located in Nagpur. The WAF L3 Engineer will be responsible for managing, configuring, and maintaining Web Application Firewall (WAF) solutions. Responsibilities include analyzing security threats, implementing and updating security policies, performing vulnerability assessments, troubleshooting issues, and optimizing web application security. The engineer will work closely with cross-functional teams to ensure secure and efficient system operations while adhering to compliance and security standards.

Key Responsibilities

• Serve as the L3 escalation point for critical incidents related to F5 WAF, SSLO, and other BIG-IP modules.
• Configure, tune, and maintain F5 Advanced WAF (formerly ASM) policies to protect against OWASP Top 10 vulnerabilities and other application-layer threats.
• Implement and manage F5 BIG-IP SSL Orchestrator (SSLO) for traffic decryption and steering to security devices.
• Manage configurations for F5 BIG-IP platforms, including virtual servers, profiles, and iRules, and perform upgrades and patching.
• Coordinate with F5 support (TAC) and other OEMs for technical assistance, Return Merchandise Authorization (RMA), and reconfiguration.
• Perform root cause analysis (RCA) on complex security incidents and recommend preventive measures.
• Troubleshoot and resolve complex application traffic anomalies, security violations, and connectivity issues.
• Investigate and resolve WAF incidents by analyzing packet captures using tools like Wireshark.
• Maintain network and security architecture diagram and review and update the based-on changes. Further, proper maintenance for LLD and HLD for each solution and regular update of the same.
• Provide the suggestions for any enhancements/changes that can enhance the security posture and/or add business value to the delivery framework.
• Develop and document standard operating procedures and runbooks for incident response related to WAF & SSLO events.
• Shall analyze incidents independently & identify root cause and act for containment and remediation.
• Provides engineering analysis and architectural design of technical solutions
• Sound analytical and troubleshooting skills
• Good Team Management and co-ordination skills