About this Role
We are seeking an Application Security Engineer with a strong focus on Security Operations and Web
Application Firewall (WAF) monitoring. This role is responsible for detecting, analyzing, and responding to
application-layer threats by reviewing WAF logs, security alerts, and web traffic patterns.
The engineer will work closely with SOC analysts, DevOps, and application teams to strengthen
application-layer defenses, investigate suspicious activity, and continuously improve web security controls.
Security Monitoring & Incident Response
- Monitor application security alerts from Web Application Firewalls (WAF) and other security monitoring tools.
- Investigate suspicious web traffic, attack patterns, and security events.
- Triage and respond to security incidents related to web applications and APIs.
- Conduct root cause analysis for application-layer attacks and security alerts.
- Escalate confirmed incidents to the incident response or security engineering teams.
WAF Management
- Configure, tune, and maintain WAF policies and rules to protect web applications.
- Analyze WAF logs to identify attack attempts such as SQL injection, cross-site scripting, bot activity, and API abuse.
- Optimize WAF configurations to reduce false positives and improve detection accuracy.
- Implement custom rules to mitigate emerging threats and vulnerabilities.
Threat Detection & Security Analysis
- Analyze security events using SIEM and monitoring platforms.
- Correlate WAF alerts with other security telemetry to identify potential attacks.
- Identify trends in web attacks and recommend improvements to security controls.
- Maintain documentation for incidents, WAF rules, and detection strategies.