Job description

The Azure and WAF Security Engineer is responsible for designing, implementing, and managing security solutions within Microsoft Azure cloud environments and Web Application Firewalls (WAF). Key Responsibilities: Azure Security Management: •Configure and manage security features in Microsoft Azure, including Azure Security Center, Azure Sentinel, and Azure Active Directory (AAD) for identity and access management. • Implement and monitor security controls such as network security groups (NSGs), Azure Firewall, and virtual network configurations to protect cloud resources. • Conduct risk assessments and vulnerability scans for Azure-based infrastructure and applications. • Design and enforce policies for secure access, data encryption, and key management using Azure Key Vault. Web Application Firewall (WAF) Administration: • Deploy, configure, and maintain WAF solutions (e.g., Azure Application Gateway WAF, Azure Front Door, or third-party WAFs) to protect web applications from common threats like SQL injections, cross-site scripting (XSS), and DDoS attacks. • Develop and fine-tune WAF rules and policies to minimize false positives while ensuring robust protection. • Monitor WAF logs and alerts, responding to potential security incidents in real time. • Perform regular updates and patch management for WAF systems to address emerging threats. Compliance and Governance: • Ensure Azure and WAF configurations comply with industry standards and regulations (e.g., GDPR, HIPAA, PCI-DSS, ISO 27001). • Assist in audits and provide documentation for compliance requirements. • Implement governance policies using Azure Policy and Blueprints to enforce security standards across cloud resources. Qualifications: • At least 5 years of experience in cloud security, with at least 2 years focused on Microsoft Azure and WAF technologies. • Proven track record of implementing and managing security solutions in cloud environments. • Experience with incident response, threat hunting, and log analysis in cloud-based systems. Required • Strong expertise in Microsoft Azure security services, including Azure Security Center, Azure Sentinel, Azure Firewall, and Azure Active Directory. • Hands-on experience with WAF solutions, such as Azure Application Gateway, Azure Front Door, or third-party WAF platforms (e.g., F5, Imperva, Cloudflare). • Proficiency in network security concepts, including firewalls, VPNs, and intrusion detection/prevention systems (IDS/IPS). • Familiarity with scripting and automation tools (e.g., PowerShell, Python, or Azure CLI) for security configuration and monitoring. • Experience with containerization and orchestration tools (e.g., Docker, Kubernetes). • Strong understanding of security principles, protocols, and best practices. • Excellent problem-solving and analytical skills.

Requirements