Cloud and Application Security Engineer

Job Summary Deployment and management of web application firewalls and vulnerability management to protect cloud and on-premises environments from cyber threats. Responsibilities • Create, deploy, maintain, and troubleshoot F5 ASM policies to secure new and existing web applications • Configure and manage Web Application Firewall (WAF) settings for Azure and AWS cloud environments • Review web application vulnerabilities and develop WAF virtual patching solutions to mitigate risks • Monitor and analyze activity logs to detect malicious traffic and indicators of compromise while minimizing false positives • Evaluate WAF usage and implement improvements to enhance protection policies • Collaborate with developers and security teams to ensure security requirements are met and applications are protected from cyber-attacks • Interpret web protocol data to identify threat sources, intent, and risk levels • Provide preventative maintenance and promptly resolve infrastructure and application issues to maintain stability • Participate in technical design reviews to assess infrastructure impact and ensure sound security architecture • Create and maintain technical documentation including network diagrams, policies, and operational procedures for WAF infrastructure management • Manage the full vulnerability management lifecycle by performing assessments, generating reports, and collaborating with stakeholders to prioritize and remediate vulnerabilities • Execute firewall change requests and troubleshoot network connectivity issues related to firewall configurations and policies Experience and Skills Requirements • Full understanding of the application project life cycle and process/procedure design. • Knowledge and hands-on experience of security tools. Experience in IPS, WAF, Load Balancers, Firewalls (e.g. Palo Alto) and Network Security • Experience in Application Security and Technologies • Experience in security vulnerability scanning. Experience with audit event collection and reporting toolsets • Experience in vulnerability management processes, including assessment, reporting, and stakeholder engagement to ensure timely identification and remediation of security vulnerabilities. • Proficiency in SIEM platforms with demonstrated ability to develop custom reports and dashboards • Experience with Cloud Security Certifications • Security certifications such as F5 CTS-ASM, CISSP, CISM, ISC2, CEH, PCNSE, or equivalent • Cloud security or related certifications