Description
F5 ASM/AWAF Architect/Trusted Security Advisor
You will be responsible for the WAF/ASM Service Strategy and act as Trusted Security Advisor.
You're an expert in understanding cybersecurity, networking traffic analysis, Application traffic analysis, fraud detection, threat hunting, WAF security policies, and configuring/managing F5 ASM appliances.
Main responsibilities:
. Act as an Advisory role for WAF Strategy (Whitelisting combined with Blacklisting)
. Manage the Strategy and procedures for Onboarding of new and existing applications
. Optimize Procedures and Reporting
. Define metrics and KPI for reporting
. SLA
. Customer trust relationship
. Analyzing application layer 7 traffic flows for integration with Big-IP.
. Writing ASM policy baselines to support blocking of OWASP TOP 10 recommendations
. Advise on alternative solutions for Web application Security gaps
. Guide the engineering team to set up the new ASM policies in learning mode, policies with recommended changes.
. Using Qradar for the analysis of event logs to take action or update policies as required.
You'll need to have:
. System administration experience with F5 Big-IP ASM Web Application Firewall.
. Strong communication skills
. Experience in procedural environment
Even better if you have:
. Experience in Application Environment and Application release management.
. Web development background with experience in one or more of these technologies: Java, .NET, REST, PHP, RUBY, HTML5, AJAX.
. Change management experience
. Certifications such as CISSP, CEH, GIAC, or equivalent.
. Strong understanding of the HTTP protocol and the OWASP Top 10.
. DB and Web hardening experience.
. Penetration testing experience.
. Web service scanning/fuzzing experience.
. Information Security related background.
. Web development background with experience in one or more of these technologies: Java, .NET, REST, PHP, RUBY, HTML5, AJAX.
. Familiarity with security testing tools and methodologies, networking and knowledge of numerous operating systems (OS) and web platforms.