Information Security Engineer - Web Application Firewall (9-13 yrs)

Work Location : Wells Fargo International Solutions Pvt. Ltd.

Work Timing : 6:30 am to 10:30 pm IST(8 hours shift in shared time range).

Work Mode : 5 Days onsite (weekend support required during change).

About this role :

Network Security team is looking for an Information Security Engineer at Hyderabad/Bengaluru location to provide security engineering for inbound Web Applications and API's using Web Application Firewall(WAF), Web app and API protection(WAAP), Web Application and API Security solutions.

The Information Security Engineer will deploy, manage, and support enterprise WAF and WAAP deployments in alignment with enterprise change management policies and procedures.

This will include on-prem and cloud-based instances. Additional responsibilities will include participation in related control execution and periodic assignment to the team on-call rotation.

Job Description :

- Engineers and maintains the on-prem and cloud-based security perimeter for inbound Web Applications and API's.

- Deploy, manage, and support the Akamai Kona Site Defender.

- Deploy, manage, and support the enterprise Web Application Firewall (WAF), and Web app and API protection (WAAP) deployments - Akamai/Cloudflare/Imperva/F5.

- Deploy, manage, and support the Web Application and API Security solutions.

- Demonstrated enterprise experience in change management process.

- Strong working knowledge of providing/understanding network security documentation.

- Experience at on-call support for network security related issues.

- Hands-on experience on Splunk and SIEM tools.

- Collaborate and influence all levels of professionals including managers.

- Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives.

- Responsible for staging/configuration of network security products and implementations by following strict change management guidelines.

- Assist other security engineers at analysis or implementation work as needed.

- Participates in the research, analysis, design, testing and implementation of complex computer network security/protection technologies for company information and network systems/applications.

- Participates in the evaluation of vendor proposals, new and existing security designs, and emerging security technologies and systems.

- Periodic assignment to the team on-call rotation.

Required Qualifications :

- Minimum 9 years of experience working in the network security products.

- Expert knowledge and hands-on experience on Akamai Kona Site Defender.

- Expert knowledge and hands-on experience on Web Application Firewall (WAF), and Web app and API protection (WAAP) solutions - Akamai/Cloudflare/Imperva/F5.

- Expert knowledge and hands-on experience on Web Application and API Security solutions - Akamai/Cloudflare.

- 3+ years of Information Security Engineering experience.

- 3+ years of in-depth knowledge and troubleshooting of HTTP based Web Applications.

- 3+ years knowledge and understanding of implementing WAF signatures or virtual patches.

- 2+ years of Intermediate to Advanced level experience with scripting/automation using tools such as Bash, Ansible Playbook/Role Development, PowerShell, Python, etc.

- 2+ years advanced understanding of Network concepts like DNS, Firewall and Load Balancing.

- Proven experience with change and incident management practices in medium to large enterprise environments.

- Experience with Agile Scrum or Kanban methodologies.

- Basic understanding of TLS, Certificates, and MTLS.

- Minimum of the CISSP/ BIG-IP ASM Specialist or higher is a plus.

Desired Qualifications :

- Excellent verbal, written, and interpersonal communication skills.

- Advanced Information Security technical skills and solid knowledge and understanding of information security practices and policies.

- ServiceNow, Jira and Confluence experience.

- Technical documentation experience.

- Strategic planning experience in translating leadership vision into executable strategies and initiatives.

- Technology experience in the Financial Services sector.

- Ability to coordinate completion of multiple tasks and meet aggressive time frames.

- Advanced critical thinking, problem solving and technical troubleshooting abilities.

- Strong analytical skills with high attention to detail and accuracy.

- Experience with and the ability to thrive in a complex and fast-paced technology and/or information security organization, within a large enterprise environment.

- Experience with Information Security Frameworks and standards (FFIEC, NIST, ISO).

- Ability to work off hours and occasional weekends to support change activities.