promaynov Advisory Services
Location
Mumbai | India
Job description
Job Description :- Develop and implement comprehensive WAF protection strategies that align with clients' security requirements and business objectives.- Design & Implement all the WAF functions like DDoS Protection, Attack Analytics, Client-Side Protection, Runtime Application Self-Protection (RASP), API Security , Advanced Bot Protection as per the Security requirements. - Provide oversight (incl. metrics, risks and issues, escalation management).Prioritize incidents and service tickets, changes, ad-hoc requests- Continuously assess and adapt the WAF protection posture to address emerging threats and vulnerabilities.- Lead the Implementation, configuration, and management of Imperva WAF solutions across client environments.- Ensure optimal performance, scalability, and availability of the Imperva WAF infrastructure.- Monitor and analyse activity logs to detect malicious internet traffic and indicators of compromise as well as to reduce false positive blocks - Collaborate with the incident response team to address and resolve WAF incidents swiftly and effectively.- Provide expert guidance and consult with clients on Imperva WAF protection strategies, best practices, and solutions.- Conduct periodic review of WAF rules and data sources and periodic discussion with other Network Security teams to discuss / validate WAF policy/rule creation and tuning- Execute reports based on the business requirements; Work with business to oversee unstructured folder remediation- Provide oversight for operational incident tickets (P1/P2/P3) or service requests as per the agreed upon SLOs. Support with response to helpdesk inquiries L1/L2/L3 review, triage, and response to alerts triggered from the data protection solutions- Configure/ tune new and existing rulesets/policies for WAF as per the Clients requirements. - Regularly monitor and analyze the performance of Imperva WAF solutions to ensure they meet defined security and performance standards.- Implement optimization strategies to enhance the efficiency of WAF mitigation.- Maintain detailed documentation of configurations, incident response procedures, and best practices.- Prepare and deliver comprehensive reports on the status and effectiveness of Imperva WAF protection measures.Qualifications Required :- 6yrs plus experience with at least 2 years' experience in WAF design, implementation, and operations.- Knowledge and hands-on experience of security tools. Experience in IPS, WAF, Load Balancers, Firewalls and Network Security- Strong knowledge of web application security concepts, OWASP Top 10 vulnerabilities, and related mitigation techniques.- Experience with data protection and management, techniques, and process integration preferably within an enterprise organization or 3+ years of experience with security architecture and engineering of network, infrastructure, and cloud technology, preferably in multi-tenant environments.- Understanding of the entire ecosystem of network security including well-rounded understanding of the information security domains and their inter-relations across that ecosystem.- Hands on experience with Design, Implementation & operation of Imperva WAF.- Proven experience in configuring, managing, and troubleshooting Imperva Web Application Firewall solutions. - Level 3 experience with WAF Design & Implement support in enterprise/large corporate environment.- Contributed as Subject Matter Expert (SME) role on network security technologies.- Configured and deployed WAF related Policies for various Security Devices. - Created process documents, SOPS and runbooks for managing day-to-day operations - Excellent knowledge of ITIL and having strong capability to define, execute and enforce key ITIL processes like incident, problem and change management.- Able to plan, schedule, track and report on simple project timelines/milestones using collaboration tools such as ServiceNow / Jira.Preferred :- Imperva or AWS WAF related trainings or certifications is a plus. - Experience with leading and advising clients on security to include risk, governance, technology, regulatory drivers and IT security and frameworks such as NIST, ISO, ITIL standards- Excellent communication/planning/organizing skills to create an efficient work environment, one conducive to teamwork and collaboration, and encourage good communication between Client, employees and management.- Knowledge of cloud security and DevSecOps practices.- Prepared and ensured the standards, procedures are in place for the work of his or her team. (ref:hirist.tech)
Job tags
Salary
