Web Application Firewall Engineer

Charlotte, NC, US • Posted 9 hours ago • Updated 9 hours ago
Contract W2
Contract Corp To Corp
1 Year
On-site
Depends on Experience

Job Details

Skills

  • OWASP Top 10
  • application layer security
  • Layer 7 OR L7
  • HTTP OR HTTPS
  • TLS OR SSL offload
  • web application attacks
  • SQL injection OR XSS OR cross site scripting
  • bot mitigation OR bot management

Summary

Position Description

The Web Application Firewall Engineer is a key member of our financial client's Information Protection & Risk Management organization, responsible for protecting internet-facing applications from modern web and API attacks. This role sits within the Cyber Security Technology group and is focused on designing, deploying, operating, and tuning enterprise Web Application Firewall (WAF) controls including F5 ASM/AWAF and Akamai Kona. The engineer will partner closely with security, network, cloud, and application teams to ensure secure, reliable, and compliant web application delivery across our financial client's environment.

Job Responsibilities

  • Operate, monitor, and support enterprise web application firewalls (F5 ASM/AWAF and Akamai Kona) across multiple environments.

  • Perform advanced troubleshooting of WAF-related issues, including analysis of HTTP/S traffic, WAF logs, and backend application behavior.

  • Design, implement, and tune WAF policies and rules to mitigate OWASP Top 10 vulnerabilities, bot attacks, and other application-layer threats while minimizing false positives.

  • Support architecture and engineering activities for WAF and broader web security solutions, including new applications, APIs, and security projects.

  • Conduct regular health checks, capacity reviews, and user activity audits for WAF and related security infrastructure.

  • Analyze security and application logs, identify attack patterns, and implement proactive rule updates or signatures.

  • Collaborate with application developers, DevOps, and cloud teams to integrate WAF controls into application delivery pipelines and support secure coding practices.

  • Create and maintain detailed documentation, including design diagrams, standards, runbooks, and operational procedures.

  • Participate in incident response for web application and API security events, including triage, containment, and post-incident review.

  • Contribute to automation initiatives for WAF configuration, deployments, and reporting using scripting and APIs.

  • Potentially support and cross-train on adjacent network security technologies such as traditional firewalls, Network Access Control (NAC), load balancers, and DDoS protection.

Required Qualifications

  • 5–8+ years of experience deploying and operating enterprise Web Application Firewalls in large, complex environments.

  • Hands-on expertise with at least two of the following: Akamai Kona, F5 ASM/AWAF, Salt API Protection (or equivalent API protection solution).

  • Strong understanding of web technologies and protocols, including HTTP/S, TLS, cookies, headers, REST APIs, and common authentication mechanisms.

  • Solid knowledge of application-layer security fundamentals and common vulnerabilities (e.g., OWASP Top 10, bot and scraper attacks, API abuse).

  • Proficiency in troubleshooting web and network issues using packet captures (e.g., tcpdump, Wireshark), CLI tools, and HTTP debugging tools.

  • Experience analyzing application and WAF logs, correlating with backend services, and working directly with developers to resolve security and functionality issues.

  • Bachelor's degree in Information Systems, Computer Science, Cybersecurity, or related field, or equivalent experience.

  • Excellent written and verbal communication skills, with the ability to explain complex technical issues to non-technical stakeholders.

  • Demonstrated customer-focused mindset, with experience managing expectations and building long-term relationships with business and technology partners.

  • Willingness to work a flexible schedule, including on-call rotation for incident resolution.

Preferred / Nice-to-Have Skills

  • Experience with API security and Web Application & API Protection (WAAP), including rate limiting, schema validation, and JWT/OAuth-aware policies.

  • Familiarity with cloud platforms (AWS, Azure, Google Cloud Platform) and integrating WAF/WAAP solutions with cloud-native load balancers, CDNs, and ingress controllers.

  • Scripting or coding skills (Python, PowerShell, or similar) for automation, reporting, and integration with CI/CD pipelines.

  • Experience with Infrastructure-as-Code and configuration management tools (e.g., Terraform, Ansible) for security configuration management.

  • Understanding of broader network security technologies (NAC, firewalls, proxies, DDoS mitigation, DNS security).

  • Background in regulated environments (e.g., financial services) and familiarity with relevant compliance and risk management practices.

  • Relevant security certifications (e.g., GWAPT, GWEB, CISSP, vendor-specific F5 or Akamai credentials).

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 90929707
  • Position Id: 26-00262