Cyber SDC - WAF Operations Solution Engineer - Senior - Consulting

WAF Operations Solution Engineer

Location:

Anywhere in Country

As a WAF Operations Solution Engineer, you will be responsible for implementing and managing Web Application Firewall (WAF) solutions to protect client applications from cyber threats. You will work within a team of cybersecurity professionals to establish effective security measures that safeguard web applications and data.

• Configure, manage, and optimize WAF solutions to establish effective security controls for web applications.
• Provide ongoing operational coverage of web application firewalls, ensuring they function correctly and efficiently.
• Monitor application traffic and security events to identify potential threats and vulnerabilities.
• Conduct thorough analysis of security incidents, including root cause analysis and remediation efforts.
• Collaborate with incident response teams to investigate and respond to security incidents in a timely manner.
• Develop and maintain WAF policies, rules, and documentation to align with best practices and compliance requirements.
• Provide support for security audits and assessments, promoting adherence to security standards and policies.
• Stay current with emerging threats, vulnerabilities, and security technologies to enhance the organization's security posture.
• Utilize various WAF solutions, including Cloudflare and Imperva, for implementation and management, ensuring optimal configuration and performance.
• Leverage Terraform for infrastructure as code (IaC) to automate the deployment and management of WAF solutions.
• Mentor junior engineers and provide guidance on WAF management and incident response processes.

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field preferred.
• 3–5 years of experience in web application security operations, with a focus on WAF management.
• Hands‑on experience with WAF solutions such as Cloudflare and Imperva is required.
• Proficiency in using Terraform for infrastructure automation is preferred.
• Strong understanding of web application protocols, security principles, and best practices.
• Familiarity with ITIL processes and ticketing systems for incident management.
• Relevant certifications (e.g., CISSP, Security+) are a plus.
• Excellent analytical, problem‑solving, and communication skills.
• Ability to work independently and collaboratively in a fast‑paced environment.

EY is committed to equal employment opportunity and provides accommodations for qualified individuals with disabilities. All applicants are considered without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law.