Search for More Jobs
Forward this job to a friend
Apply by email without Registering
Apply by creating/using account
Please enter your registered email address, and we'll email you a link to reset your password right away.
My name is Rashmeet Singh, Our records show that you are an experienced IT professional with experience in F5 ASM. This experience is relevant to one of my current openings.
Position: F5 ASM (WAF) Consultant
Location: Minneapolis, MN
Type: Full Time
Client: Syntel Inc.
End Client: Willis Towers Watson
Key Responsibilities include:
· Create, deploy, maintain and troubleshoot F5 ASM policies for new and existing web applications
· Configure and manage WAF configuration for Imperva cloud WAF.
· Review vulnerabilities that impact web applications and develop WAF "Virtual Patching” solutions
· Monitor and analyze activity logs to detect malicious internet traffic and indicators of compromise as well as to reduce false positive blocks
· Review WAF usage and define means to improve and mature protection policies
· Understand web applications at a sufficient level to work with developers to implement protective controls that may need to be customized for specific applications
· Interpret web protocol information to determine source, intent, and risk of threat agents
· Provide preventative maintenance, troubleshooting and quickly resolve problems to ensure infrastructure and application stability
· Participate in technical design activities to ensure a sound design and any infrastructure impact is understood
· Create and maintain technical documentation regarding the WAF instructor including network diagrams, policies and operational procedures for managing the infrastructure.
· Work closely with Development, QA, Operations, InfoSec, and design engineers to ensure security requirements are met and web-applications are adequately protected from cyber-attacks
· Review vulnerability scan output and assess where WAF configuration can be used to mitigate attacks.
· Basic understanding of data flow technologies such as routing, natting, arps and associated command line tools such as tcpdump
· Awareness of mainstream operating systems and a wide range of security technologies including network firewall, IPS, and web proxy.
Knowledge and experience of F5 Load Balancers and Products:
· WAF policy development for protecting existing applications
· Reviewing and analyzing security reports
· Reviewing security techniques and technologies regularly to remain aware of best practice
· Ensuring the operation of technical systems are consistent with policies and procedures
· Following the latest security trends and vulnerabilities
Qualifications and Experience:
10 +years of WAF experience
· Security Qualifications preferred e.g. F5 CTS-ASM/CISSP/CISM/ISC2/CEH or equivalent
· Previous experience of working within a regulated environment i.e. in the financial services, Insurance industry
· Full understanding of the application project life cycle and process/procedure design.
· Knowledge and hands-on experience of security tools. Experience in IPS, WAF, Load Balancers, Firewalls and Network Security
· Experience in Application Security and Technologies
· Experience in security vulnerability scanning. Experience with audit event collection and reporting toolsets
Required Non-Technical Skills:
· Proven analytical and problem-solving abilities.
· Ability to conduct research into IT security issues and products as required.
· Self-motivated and directed.
· Keen attention to detail.
· Team-oriented and skilled in working within a collaborative environment.
· High Integrity & work ethic, good communication skills, positive demeanour
· Knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls
Thanks & Regards..
Rashmeet Singh Sahni
IDC Technologies, Inc.
Work: 408-457-9381 Ext. 4007
Empowering Technologies Services
Remote Services | IT Services | BPO |
IT Consulting | Staffing Solutions |
The views and opinions included in this email belong to their author and do not necessarily mirror the views and opinions of the company. Our employees are obliged not to make any defamatory clauses, infringe, or authorize infringement of any legal right. Therefore, the company will not take any liability for such statements included in emails. This message is sent in compliance with the new email bill section 301. Under Bill S.1618 TITLE III passed by the 105th US Congress, this message cannot be considered SPAM as long as we include the way to be removed, Paragraph (a)(c) of S.1618, further transmissions to you by the sender of this email may be stopped at no cost to you by sending a response of "REMOVE” in the subject line of the email, we really will remove you with immediate effect.
Apply by creating/using account