CrawlJobs Logo

Waf Engineer

zelis.com Logo

Zelis

Location Icon

Location:
India , Hyderabad

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

WAF Engineer with 5+ years of experience securing web applications and APIs using Web Application Firewalls and edge security controls. You will own WAF policy design, tuning, deployment automation, and operational response to attacks (OWASP Top 10, bot abuse, L7 DDoS). You’ll partner closely with DevOps/SRE and application teams to improve protection while minimizing false positives and performance impact.

Job Responsibility:

  • Design, implement, and manage WAF policies for web applications and APIs across environments (dev/stage/prod)
  • Configure and tune managed rules and custom rules to mitigate OWASP Top 10 (SQLi, XSS, CSRF, RCE, LFI/RFI, SSRF, etc.)
  • Perform rule tuning and false-positive reduction using traffic baselining, exception handling, and staged enforcement (monitor → challenge → block)
  • Implement rate limiting, IP reputation, geo/ASN controls, and bot mitigation strategies to reduce abuse and credential stuffing
  • Integrate WAF logs with SIEM/log platforms (Splunk, Sentinel, ELK, QRadar) and build dashboards/alerts for threat monitoring
  • Support incident response for active attacks (L7 DDoS, exploit attempts), including rapid mitigation and post-incident improvements
  • Automate deployments using IaC (Terraform/CloudFormation/ARM/Bicep) and integrate with CI/CD pipelines
  • Conduct periodic security reviews, reporting, and metrics tracking (blocked events, top attacks, FP rate, MTTR)
  • Collaborate with app teams on secure configuration (headers, TLS, authentication flows) and compatibility testing

Requirements:

  • 5+ years experience in WAF engineering / application security / edge security
  • Hands-on experience with at least one WAF platform: AWS WAF, Azure WAF, Cloudflare, F5 ASM/Advanced WAF, Imperva, Akamai, ModSecurity (any one or more)
  • Strong understanding of HTTP/HTTPS, web app architecture, REST APIs, and common attack patterns
  • Proven experience tuning WAF rules and balancing security vs. false positives
  • Experience with logging/monitoring and SIEM integrations
  • Scripting/automation skills: Powershell/Python/Bash (plus regex and JSON/YAML)
  • Familiarity with CI/CD and Infrastructure-as-Code principles
  • Good troubleshooting and stakeholder communication skills

Nice to have:

  • Experience with bot management and advanced detection techniques (behavioral, fingerprinting where supported)
  • Experience with API gateways and API security controls (schema validation, auth hardening)
  • Working knowledge of cloud networking/CDN/reverse proxy concepts
  • Security certifications: AWS Security Specialty, Azure Security Engineer, CCSP, CEH, Security+ (nice to have)
What we offer:
  • Hybrid work flexibility
  • Comprehensive healthcare benefits
  • Financial wellness programs
  • Cultural celebrations

Additional Information:

Job Posted:
February 20, 2026

Expiration:
March 31, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Zelis - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Waf Engineer

Security Engineer WAF and SSLO

The Security Engineer L2 will be a key member of our network security team, resp...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BE/B-Tech/BCA or master’s degree in CS/IT
  • CEH/CCNA/CCNP sec + OEM F5 Certification F5-CA/F5-CTS (2 certifications)
  • 4-6 years’ relevant experience
  • In-depth knowledge of F5 BIG-IP platforms, including LTM, ASM/WAF, and SSLO
  • Technology (OEM): F5 BIG-IP WAF/ASM, F5 BIG-IP SSL Orchestrator (SSLO)
Job Responsibility
Job Responsibility
  • Provide Level 2 operational support for F5 BIG-IP systems, specifically for WAF (ASM) and SSL Orchestrator (SSLO) modules
  • Monitor F5 platforms for performance, availability, and security events, responding to alerts and service-desk tickets in line with established SLAs
  • Analyze and resolve security incidents related to web applications and SSL/TLS traffic, performing first-pass diagnostics and fixing routine issues
  • Escalate complex or high-severity issues to the L3 engineering team and F5 Technical Assistance Center (TAC) as required
  • Manage and deploy Web Application Firewall (WAF) policies and security policies, including managing exceptions and performing policy tuning
  • Perform configuration changes and updates on F5 SSL Orchestrator for decrypting, inspecting, and re-encrypting SSL/TLS traffic
  • Implement standard configurations for new applications and services as per design guidelines and bank policies
  • Develop and maintain Standard Operating Procedures (SOPs), runbooks, and a knowledge base for incident resolution
  • Lead the troubleshooting efforts for security incidents, providing accurate root cause analysis (RCA)
  • Ensure that F5 WAF and SSLO configurations are compliant with the bank's security policies and regulatory requirements
  • Fulltime
Read More
Arrow Right

Security Engineer WAF and SSLO

The WAF & SSLO L2 Engineer will be a key member of our network security team, re...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree in Information Technology or Computing
  • Certifications in security technologies
  • Strong technical support skills
  • Experience in troubleshooting
  • BE/B-Tech/BCA or master’s degree in CS/IT
  • CEH/CCNA/CCNP sec + OEM F5 Certification F5-CA/F5-CTS (2 certifications)
  • 4-6 years’ relevant experience
  • In-depth knowledge of F5 BIG-IP platforms, including LTM, ASM/WAF, and SSLO
Job Responsibility
Job Responsibility
  • Provide Level 2 operational support for F5 BIG-IP systems, specifically for WAF (ASM) and SSL Orchestrator (SSLO) modules
  • Monitor F5 platforms for performance, availability, and security events, responding to alerts and service-desk tickets in line with established SLAs
  • Analyze and resolve security incidents related to web applications and SSL/TLS traffic, performing first-pass diagnostics and fixing routine issues
  • Escalate complex or high-severity issues to the L3 engineering team and F5 Technical Assistance Center (TAC) as required
  • Manage and deploy Web Application Firewall (WAF) policies and security policies, including managing exceptions and performing policy tuning
  • Perform configuration changes and updates on F5 SSL Orchestrator for decrypting, inspecting, and re-encrypting SSL/TLS traffic
  • Implement standard configurations for new applications and services as per design guidelines and bank policies
  • Develop and maintain Standard Operating Procedures (SOPs), runbooks, and a knowledge base for incident resolution
  • Lead the troubleshooting efforts for security incidents, providing accurate root cause analysis (RCA)
  • Ensure that F5 WAF and SSLO configurations are compliant with the bank's security policies and regulatory requirements
  • Fulltime
Read More
Arrow Right
New

Security Engineer WAF and SSLO

The Security Engineer L2 will play a vital role in maintaining the bank's Web Ap...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science or IT
  • 4-6 years of relevant experience
  • CEH certification
  • CCNA certification
  • F5 certifications (F5-CA/F5-CTS)
  • In-depth knowledge of F5 BIG-IP platforms, including LTM, ASM/WAF, and SSLO
  • Strong troubleshooting skills
  • Solid understanding of network security principles
Job Responsibility
Job Responsibility
  • Provide Level 2 operational support for F5 BIG-IP systems, specifically for WAF (ASM) and SSL Orchestrator (SSLO) modules
  • Monitor F5 platforms for performance, availability, and security events, responding to alerts and service-desk tickets in line with established SLAs
  • Analyze and resolve security incidents related to web applications and SSL/TLS traffic, performing first-pass diagnostics and fixing routine issues
  • Escalate complex or high-severity issues to the L3 engineering team and F5 Technical Assistance Center (TAC) as required
  • Manage and deploy Web Application Firewall (WAF) policies and security policies, including managing exceptions and performing policy tuning
  • Perform configuration changes and updates on F5 SSL Orchestrator for decrypting, inspecting, and re-encrypting SSL/TLS traffic
  • Implement standard configurations for new applications and services as per design guidelines and bank policies
  • Develop and maintain Standard Operating Procedures (SOPs), runbooks, and a knowledge base for incident resolution
  • Lead the troubleshooting efforts for security incidents, providing accurate root cause analysis (RCA)
  • Ensure that F5 WAF and SSLO configurations are compliant with the bank's security policies and regulatory requirements
  • Fulltime
Read More
Arrow Right

Security Engineer WAF & SSLO (L3)

The L3 WAF and SSL Orchestration Engineer will be a senior technical expert resp...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Education*: BE/B-Tech/BCA or master’s degree in CS/IT
  • Certification*: CCNA/CCNP Sec + OEM F5 Certification F5-CA or F5-301 (2 certifications)
  • Experience*: 6-8 years’ relevant experience.
  • Technology (OEM)*: F5 BIG-IP (LTM, ASM),(HTTP/HTTPS, REST APIs),(OWASP Top 10, DDoS).
  • Skills: F5 BIG-IP LTM, Advanced WAF, and SSLO, understanding of web application security and OWASP Top 10
Job Responsibility
Job Responsibility
  • Serve as the L3 escalation point for critical incidents related to F5 WAF, SSLO, and other BIG-IP modules.
  • Configure, tune, and maintain F5 Advanced WAF (formerly ASM) policies to protect against OWASP Top 10 vulnerabilities and other application-layer threats.
  • Implement and manage F5 BIG-IP SSL Orchestrator (SSLO) for traffic decryption and steering to security devices.
  • Manage configurations for F5 BIG-IP platforms, including virtual servers, profiles, and iRules, and perform upgrades and patching.
  • Coordinate with F5 support (TAC) and other OEMs for technical assistance, Return Merchandise Authorization (RMA), and reconfiguration.
  • Perform root cause analysis (RCA) on complex security incidents and recommend preventive measures.
  • Troubleshoot and resolve complex application traffic anomalies, security violations, and connectivity issues.
  • Investigate and resolve WAF incidents by analyzing packet captures using tools like Wireshark.
  • Maintain network and security architecture diagram and review and update the based-on changes. Further, proper maintenance for LLD and HLD for each solution and regular update of the same.
  • Provide the suggestions for any enhancements/changes that can enhance the security posture and/or add business value to the delivery framework.
  • Fulltime
Read More
Arrow Right

Security Engineer

The Security Engineer position focuses on WAF and SSL Orchestrator solutions wit...
Location
Location
India , Kolkata
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science or IT
  • Certifications like CCNA and CompTIA Security+
  • 2-3 years of relevant experience
  • Passion for cybersecurity
Job Responsibility
Job Responsibility
  • Monitoring security infrastructure
  • Responding to incidents
  • Conducting health checks
Read More
Arrow Right
New

Security Engineer WAF & SSLO

The Security Engineer role focuses on WAF and SSL solutions within the Network S...
Location
Location
India , Kolkata
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science or IT (BE/B-Tech/BCA or master’s degree in CS/IT)
  • Relevant certifications (CCNA/ F5 Certified BIG-IP Admin (F5-CA)/CompTIA Security+/any equivalent OEM certification (At least 1 Certification))
  • 2-3 years’ relevant experience
  • Adequate knowledge of security devices like Firewalls, DDOS and other security devices
  • Technology (OEM) experience: F5, SLB, server pools, virtual servers, health monitors, TCP/IP, DNS, HTTP, and SSL/TLS
Job Responsibility
Job Responsibility
  • Monitor WAF dashboards, logs, and alerts in real-time to detect threats like SQL injections, cross-site scripting (XSS), and DDoS attacks
  • Perform real-time monitoring of SSLO to ensure the proper decryption and inspection of encrypted traffic by security tools
  • Conduct daily health checks and status verifications of WAF and SSLO devices and report any hardware or performance issues
  • Assist in generating daily, weekly, and monthly reports on security incidents and performance trends
  • Work with other IT teams (e.g., Network, Server, and Application Support) to resolve security-related issues
  • Respond to security alerts by performing initial analysis and logging incidents or tickets in the ITSM system
  • Validate security events to differentiate between genuine threats and false positives based on standard operating procedures (SOPs)
  • Escalate unresolved incidents to the L2/L3 security teams while providing accurate and detailed documentation
  • Maintain up-to-date and accurate records of incidents, changes, and standard operating procedures (SOPs)
  • Install application patches and signed software updates
  • Fulltime
Read More
Arrow Right

Security Engineer WAF & SSLO

As an L1 Engineer you need to join our Network Security Operations team, special...
Location
Location
India , Kolkata
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2-3 years’ relevant experience
  • Bachelor's degree in Computer Science or Information Technology (BE/B-Tech/BCA or master’s degree in CS/IT)
  • CCNA/ F5 Certified BIG-IP Admin (F5-CA)/CompTIA Security+/any equivalent OEM certification (At least 1 Certification)
  • Adequate knowledge of security devices like Firewalls, DDOS and other security devices
  • Knowledge of technology (OEM): F5, SLB, server pools, virtual servers, health monitors. TCP/IP, DNS, HTTP, and SSL/TLS
  • Prepared to work in a 24/7 shift-based environment
Job Responsibility
Job Responsibility
  • Monitor WAF dashboards, logs, and alerts in real-time to detect threats like SQL injections, cross-site scripting (XSS), and DDoS attacks
  • Perform real-time monitoring of SSLO to ensure the proper decryption and inspection of encrypted traffic by security tools
  • Conduct daily health checks and status verifications of WAF and SSLO devices and report any hardware or performance issues
  • Assist in generating daily, weekly, and monthly reports on security incidents and performance trends
  • Work with other IT teams (e.g., Network, Server, and Application Support) to resolve security-related issues
  • Respond to security alerts by performing initial analysis and logging incidents or tickets in the ITSM system
  • Validate security events to differentiate between genuine threats and false positives based on standard operating procedures (SOPs)
  • Escalate unresolved incidents to the L2/L3 security teams while providing accurate and detailed documentation
  • Maintain up-to-date and accurate records of incidents, changes, and standard operating procedures (SOPs)
  • Install application patches and signed software updates in order to improve performance, enable additional functionality or enhance security standard including but not limited to Performing Scans, Management of the system, Updating of plugins and patches, etc.
  • Fulltime
Read More
Arrow Right

Security Engineer WAF & SSLO (L1)

The Support Services Security Engineer L1 role is an entry-level position focuse...
Location
Location
India , Pune
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree or relevant qualification in Information Technology or Computing or a related field
  • Associate level Certification in different Security Technologies such as Cisco, Microsoft, ARC, Audio Codes, PeterCOnnect, Sonus such as CCNA, JNCIA, ACCA, PCNSA, CCSA etc
  • Entry level experience in Security technologies such as Firewall, IPS, IDS, Proxy etc
  • Entry level experience in technical support to clients
  • Entry level experience in diagnosis and troubleshooting
  • Entry level experience providing remote support in Security technologies
  • Entry level experience in relevant technology
  • Ability to communicate and work across different cultures and social groups
  • Ability to plan activities and projects well in advance and takes into account possible changing circumstances
  • Ability to maintain a positive outlook at work
Job Responsibility
Job Responsibility
  • Maintains the support process and ensures that requests for support are handled according to the procedures
  • Uses service assurance software and tools to investigate and diagnose problems, collects performance statistics and creates reports
  • Identifies and resolves problems following agreed procedures
  • Carries out agreed maintenance tasks
  • Ensures usage of knowledge articles in incident diagnosis and resolution and assist with updating as and when required
  • Performs defined tasks to monitor service delivery against service level agreements and maintains records of relevant information
  • Analyses service records against agreed service levels regularly to identify actions required to maintain or improve levels of service, and initiates or reports these actions
  • Prioritises and diagnoses incidents according to agreed procedures
  • Investigates causes of incidents and seeks resolution
  • Escalates unresolved incidents and follows up until incident is resolved
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy