infrastructure
Added 2 weeks agoInfrastructure Engineer - Networking & WAF Specialist
Bangalore, IndiaHybrid
Responsibilities
- WAF & Application Security Architecture WAF Engineering: Architect and manage the F5 and Signal Sciences WAF infrastructure.
- Develop custom rules to mitigate OWASP Top 10 threats, bots, and zero-day vulnerabilities immediately upon discovery.
- Micro-segmentation: Design network policies that isolate critical on-premise databases from public cloud front-ends, strictly enforcing "Least Privilege" network access.
- Implement CIS Benchmarks and ensure all deployed assets match strict security baselines before they go live.
- Prioritize remediation based on threat intelligence and ensure critical CVEs are resolved within SLAs.
- Ensure that developers cannot deploy vulnerable code or images by accident. Required
Requirements
- Our services leverage Cloud Computing infrastructure on Azure, AWS & GCP to build at scale.
- The ideal candidate will possess deep technical expertise in Web Application Firewalls (WAF) and the F5 ecosystem , with a strong focus on enforcing "Security as Code" and proactively managing the security posture of our infrastructure pipelines and runtime environments. Basic Requirements Key Responsibilities 1.
- Move beyond basic setup to perform continuous threat modeling and rule tuning to minimize false positives while blocking active attacks.
- Hybrid Network Security Secure Ingress Operations: Manage Kubernetes Ingress (F5 Nginx) with a focus on TLS/SSL termination , mutual TLS (mTLS) for service-to-service communication, and certificate rotation rather than just load balancing.
- Hybrid Connectivity Security: Secure the interconnects (VPN/Direct Connect) between on-prem data centers and Cloud (AWS/GCP/Azure), ensuring encrypted and authenticated transit. 3.
- Primary Tech Stack: Deep expertise in F5 (LTM/ASM/AFM) and Nginx Ingress Controller .
- Security Domain: Strong grasp of WAF tuning, Micro-segmentation , DDoS mitigation strategies, and Zero Trust Networking principles.
- Hybrid Skills: Proven ability to secure complex environments that span physical data centers and public clouds (AWS/GCP/Azure). Tooling:
- Experience with Security as Code tools (Terraform, OPA) and Pipeline Security scanners (e.g., Snyk, Trivy, or SonarQube). Preferred