WAF Administrator (вакансія неактивна)

Vodafone Ukraine is an international company with the leading positions in the field of technology and telecommunications, implementing ambitious projects and products in all business spheres, including Cloud Services, Big Data, IoT, Smart City.

We are seeking a skilled and detail-oriented WAF Administrator to join our cybersecurity team. The WAF Administrator will be responsible for the design, implementation, and day-to-day management of our Web Application Firewall systems. The ideal candidate should have a strong background in web application security, hands-on experience with WAF technologies, and a proactive approach to safeguarding our web applications against cyber threats.

Responsibilities:

• WAF Deployment and Configuration — Install, configure, and manage Web Application Firewall solutions to protect web applications from common vulnerabilities and attacks.
• Collaborate with application development and IT teams to integrate WAF seamlessly into the web application environment.
• Develop and enforce WAF security policies to mitigate risks associated with OWASP Top 10 vulnerabilities and other web application threats.
• Regularly review and update WAF rule sets to adapt to emerging threats.
• Monitor WAF logs and alerts for suspicious activities and security incidents.
• Investigate and respond to security incidents, collaborating with incident response teams as needed.
• Fine-tune and optimize WAF configurations to balance security and performance.
• Collaborate with system administrators and network engineers to ensure minimal impact on web application performance.
• Work closely with development teams to understand application architectures and assist in WAF rule customization.
• Participate all the drill activity and check the traffic and ensure the status.
• Collaborate with other cybersecurity teams to integrate WAF with broader security controls.
• Create advanced alerts/reports to meet the requirements of key stakeholders.
• CDN fine tuning for better performance, multiple origin configuration , redirects, rewrites, cert issue.
• Maintain detailed documentation of WAF configurations, policies, and incident response procedures.
• Provide training and documentation for application developers and other team members.

Qualifications:

• Higher technical education in IT, telecommunication, or related areas.
• Relevant certifications such as WAF-specific certifications or general cybersecurity certifications are a plus.
• Proven experience as a WAF Administrator or in a similar role for 2+ years.
• Hands-on experience with leading WAF solutions, such as F5, Imperva, or Akamai.
• In-depth knowledge of web application security concepts and common vulnerabilities.
• Practical knowledge of issues related to the security of IT systems and firewall configuration.
• Proficiency in configuring and managing WAF policies and rule sets.
• Strong analytical and problem-solving skills to interpret WAF logs and respond effectively to security incidents.
• Ability to analyze web application traffic patterns to detect and prevent attacks.
• Ability to communicate with both technical and non-technical stakeholders.
• Practical experience in administering various operating systems (Windows, Linux, FreeBSD).
• Basic knowledge of programming and scripting languages, knowledge of network technologies and protocols, modern cryptography methods and encryption technologies;
• Knowledge of Ukrainian legislation in the field of information security (Laws of Ukraine “On Information”, “On Telecommunications”, “On Personal Data Protection”) and international standards and metodologies in the field of information security (ISO/IEC 27001, 27002, NIST, COBIT, OWASP).

Additional skills (nice to have, not mandatory).

• Hands-on experience with network equipment (modems, routers, switches, hubs, multiplexers, adapters, etc.) and security systems (Cisco, IBM, Trend Micro, Splunk, McAfee, CheckPoint);
• Experience in working with such protocols/services/systems as VPN, DMZ, Radius, NAT, DHCP, VLAN, DNS;
• Experience in developing, implementing and administering security solutions: IDS/IPS, Proxy, NGFW, DLP, SIEM, anti-DDoS, NGAV, EDR;
• Experience with Open Source information security tools, Web Security Scanner and devices that provide information encryption.

Benefits:

• Official employment & social guarantees
• Flexible work hours and remoted working days
• 31 calendar days of vacation
• Medical insurance
• Professional trainings
• Free mobile communication & discounts for family members
• Active corporate life

If you are a dedicated WAF Administrator with a passion for securing web applications and preventing cyber threats, we encourage you to apply. Join us in our mission to fortify our web applications and ensure the highest level of security for our organization and its users.