Technical Specialist - Application Security

Job Title: Technical Specialist - Application SecurityJob Purpose: IT Security Ops – BAU SupportQualification: Bachelor’s degree in computer science, Information Technology, or related field.Experience:8 – 10 Years ,At least 6 - 8 years of experience in IT Security DomainCertification: Relevant certifications (e.g., Forcepoint Certified, CISSP)Responsibilities:Application Security: F5 WAF

• Lead the implementation and configuration of F5 WAF across enterprise environments.
• Perform advanced troubleshooting and root cause analysis of WAF-related issues.
• Monitor WAF logs and alerts to identify and respond to potential threats.
• Develop and maintain WAF policies, rulesets, and custom signatures.
• Collaborate with application and infrastructure teams to ensure secure application delivery.
• Conduct regular WAF health checks, performance tuning, and upgrades.
• Provide L3 support for escalated incidents and service requests.
• Participate in security assessments and vulnerability management initiatives.
• Document technical procedures, configurations, and incident reports.
• Mentor junior engineers and contribute to knowledge sharing.

DAM Responsibilities:

• Deploy, configure, and manage Database Activity Monitoring (DAM) solutions (e.g., Forcepoint DAM, Imperva or AURVA).
• Monitor and analyze database activity to detect anomalies, unauthorized access, and policy violations.
• Create and manage DAM policies, alerts, and reports for compliance and auditing.
• Integrate DAM with SIEM and other security platforms for centralized monitoring.
• Collaborate with database administrators and compliance teams to ensure secure and compliant data access.
• Perform forensic analysis and support investigations related to database activity.

SSL Certificates:

• Manage the full lifecycle of SSL/TLS certificates including issuance, renewal, revocation, and replacement.
• Work with Certificate Authorities (CAs) to procure certificates according to organizational needs.
• Configure and deploy SSL certificates on web servers, load balancers, mail servers, and other network devices.
• Monitor SSL certificate expirations and maintain an inventory to avoid service disruptions.
• Troubleshoot SSL-related issues including handshake failures, certificate chain problems, and trust errors.
• Implement and enforce best practices for certificate management, including key management and secure storage.
• Collaborate with IT, security, and application teams to ensure proper SSL deployment and adherence to security policies.
• Stay current with SSL/TLS protocols, vulnerabilities, and industry standards such as TLS 1.2, and Certificate Transparency.
• Support audits and compliance efforts related to encryption and certificate management.

Mandatory:

1. 5+ years of experience in network/application security with a focus on WAF technologies.
2. 3+ years of hands-on experience with Forcepoint WAF and DAM in enterprise environments.
3. Strong understanding of HTTP/S protocols, OWASP Top 10, and web application architectures.
4. Proficiency in Forcepoint WAF policy creation, custom rule development, and integration with SIEM tools.
5. Experience with SSL/TLS, load balancing, and reverse proxy configurations.
6. Familiarity with scripting languages (e.g., Python, Bash) for automation and log analysis.
7. Excellent problem-solving and analytical skills