Job Description

Role Purpose

The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats

Azure WAF Cloud engineer͏

WAF solutions for edge, cloud, and on-premise

Cloud services and their WAF controls

Web Application security attack methods and mitigations

WAF tuning and configuration

IDAM protocols and access control measures for WAF management

HTTPS inspection, including Termination and Certificate management, grounded in robust web security practices

Rate limiting techniques

Deep knowledge of WAF functionalities and limitations

General connectivity / network issue management / service management

Proficiency in Continuous Integration and Continuous Deployment tools (Jenkins, CircleCI, Travis CI, GitLab CI, and Bamboo)

Strong skills in scripting languages such as Python, Bash, PowerShell

Infrastructure as Code (IaC) (Terraform, Ansible, Chef, or Puppet)

API Integration and Management:

Containerization and Orchestration / Cloud Platforms

Monitoring and Logging tools such as Prometheus, Grafana, ELK Stack (Elasticsearch, Logstash, Kibana), or Splunk

Networking and Security Fundamentals:

AWAF or WAF solutions:

Verbal and written communication skills

Manage multiple priorities, commitments and projects

Development of custom WAF rules and security testing packages

OWASP top 10 vulnerabilities

Automate security testing within CI/CD pipelines

͏

i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives

ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture

iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs

iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology

v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions

vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps

vii. Evaluate and recommend solutions to integrate with overall technology ecosystem

viii. Tracks industry and application trends and relates these to planning current and future IT needs

͏

2. Stakeholder coordination & audit assistance

a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations

b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security

c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements

d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers

e. Provide training to employees on issues such as spam and unwanted or malicious emails

͏

Deliver

		**No Performance Parameter Measure**

		1
		Customer centricity
		Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers.

		2
		Support sales team to create wins
		% of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led