Azure Web Application Firewall & Cyber Security Tools Engineer

Role/Title: Azure Web Application Firewall & Cyber Security Tools Engineer

Location: Remote

Job Description We are seeking a highly skilled and motivated Azure Web Application Firewall & Cyber Security Tools Engineer to join our team. The Azure Web Application Firewall & Security Tools Engineer will support the Technical Security Solutions Operations (TSSO) service by managing and optimizing critical web application security firewalls and associated security tools. This role is divided approximately 70/30 between (1) administering and enhancing WAF solutions and related security technologies, and (2) supporting additional enterprise security controls.

Key Responsibilities:

Azure WAF Operations

• Administer and maintain Azure Front Door WAF and Azure Application Gateway WAF policies, rulesets, exclusions, and custom signatures to protect web applications against OWASP Top 10 and emerging threats.
• Coordinate with application teams to design protection profiles per app and/or per path, align rules with business requirements, and ensure safe rollouts.
• Monitor WAF efficacy, coverage, and performance; analyze events and false positives; tune policies to reduce friction while maintaining strong protection.

Automation, Deployments & Configuration-as-Code

• Build and maintain Terraform modules for Azure Front Door and Application Gateway WAF resources, ensuring version-controlled deployments.
• Operate CI/CD pipelines for GitHub-based deployments, including branching strategies, environment promotion, and rollback procedures.
• Use Terraform code to define, validate, and deploy WAF configurations.

Stakeholder Support & Incident Response

• Respond to WAF-related tickets and inquiries using established TSSO processes; assist teams in interpreting WAF logs, diagnosing blocks, and resolving configuration challenges.
• Provide clear guidance during incidents/outages, including rapid policy tuning, targeted rule adjustments, and coordination with application owners and Infrastructure & Operations.
• Document operational standards, deployment runbooks, troubleshooting guides, and best practices.

Security Tools Support

• Provide operational support for additional security tools, including Proofpoint, Digital Guardian, Windows Certificate Services, Silverfort, Calico, F5 ASM, Rapid7 Nexpose, and Qualys.
• Assist in troubleshooting, performance tuning, and implementing updates or enhancements across supported platforms.

Required Skills & Experience:

• Hands-on administration of Azure Front Door WAF and Azure Application Gateway WAF (policy authoring, tuning, exclusions, custom rules).
• Terraform expertise for Azure resources and GitHub deployments.
• Proven ability to use code to configure Azure firewalls/WAFs.
• Scripting skills to automate configuration, validations, and operational tasks (PowerShell, Bash, or Python).
• Strong understanding of web application security (OWASP Top 10, bot protection, API protection, TLS, header-based controls) and secure DevOps practices.

Desired Skills:

• Experience with F5 ASM Web application Firewall and ASM policy tuning.
• Exposure to Calico, Proofpoint email security, Netskope, Digital Guardian, Silverfort, and vulnerability management tools.
• PKI fundamentals and certificate lifecycle management (Windows Certificate Services, CA hierarchies).
• Agile delivery experience (scrum/kanban, backlog grooming, story writing).
• Practical DevSecOps experience integrating security controls into CI/CD, policy-as-code, and automated testing.

Qualifications:

• 5+ years in application security, cloud security, or network security engineering roles.
• Demonstrated success operating Azure WAF(Azure Front Door and/or Application Gateway).
• Track record of building infrastructure-as-code for security controls and running Git-based deployment pipelines.
• Excellent documentation, communication, and stakeholder collaboration skills.
• Ability to manage shifting priorities and deliver secure, reliable outcomes in a dynamic environment.

About AgreeYa:
AgreeYa is a global systems integrator delivering a competitive advantage for its customers through software, solutions, and services. Established in 1999, AgreeYa is headquartered in Folsom, California, with a global footprint and a team of more than 1,800+ professionals across offices. AgreeYa works with 550+ organizations ranging from Fortune 100 firms to small and large businesses across industries such as Telecom, Banking, Financial Services & Insurance, Healthcare, Utility & Energy, Technology, Public Sector, Pharma & Biotech, Retail, Client, and others. Please visit us at for more information.
Equal Opportunity:
AgreeYa is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, gender identity, sexual orientation, national origin, disability, veteran status or other protected characteristics. Visit our website at to learn about our Career & Culture.