Lead Application Security Engineer

Required Qualifications5+ years of professional experience in Web Application Firewall (WAF)/ Layer 7 security.Must have deep hands-on experience with WAF (Web Application Firewalls) configuration, tuning, and monitoring or WAF's from vendors such as Imperva, ASM, Cloudflare, Akamai, F5 Advanced, FortiWeb, Barracuda.Demonstrated knowledge of application layer (L7) DDoS attacks; network (L3) DDoS is not required.Must have experience with web attacks (how to protect) and rate limiting policies.Bot Management & API Security: Implement bot mitigation strategies, API security, and rate limiting for application traffic.DNS & Load Balancing: Configure and manage DNS (A records, CNAME records), global and local load balancing for high-availability applications. A/CNAME recordsWeb Application Security & DDoS Protection: Experience with WAF, Layer 7 (L7) DDoS mitigation, web application attack protection, and vulnerability management. Tools: Imperva, ASM, Cloudflare, Akamai, F5 Advanced, FortiWeb, Barracuda.Threat Mitigation & Compliance: Apply security controls to safeguard web applications, ensure regulatory compliance, and maintain operational integrity.