Create, deploy, maintain and troubleshoot F5 ASM policies for new and existing web applications
Configure and manage WAF configuration for Azure/AWS cloud WAF.
Review vulnerabilities that impact web applications and develop WAF "Virtual Patching" solutions.
Monitor and analyse activity logs to detect malicious internet traffic and indicators of compromise as well as to reduce false positive blocks
Review WAF usage and define means to improve and mature protection policies Understand web applications at a sufficient level to work with developers to implement protective controls that may need to be customized for specific applications
Interpret web protocol information to determine source, intent, and risk of threat agents
Provide preventative maintenance, troubleshooting and quickly resolve problems to ensure infrastructure and application stability
Participate in technical design activities to ensure a sound design and any infrastructure impact is understood
Create and maintain technical documentation regarding the WAF infrastructure including network diagrams, policies and operational procedures for managing the infrastructure.
Work closely with developers and security team to ensure security requirements are met and web-applications are adequately protected from cyber-attacks
Review vulnerability scan output and assess where WAF configuration can be used to mitigate attacks.
Basic understanding of data flow technologies such as routing, natting, arps and associated command line tools such as tcpdump
Awareness of mainstream operating systems and a wide range of security technologies including network firewall, IPS, and web proxy.
Experience and skills requirements
Technical experience
Full understanding of the application project life cycle and process/procedure design. Knowledge and hands-on experience of security tools. Experience in IPS, WAF, Load Balancers, Firewalls and Network Security
Experience in Application Security and Technologies
Experience in security vulnerability scanning. Experience with audit event collection and reporting toolsets
Certification
Security Qualifications preferred e.g. F5 CTS-ASM/CISSP/CISM/ISC2/CEH or equivalent
Added advantage with the following:
Proven analytical and problem-solving abilities.
Ability to conduct research into IT security issues and products as required. Self-motivated and directed.
Keen attention to detail.