Security Operations (SecOps / VM, Cloud WAF)

About the Role

This position focuses on governing and running cloud web application firewall operations across a large multi-cloud environment. The role is centered on protecting externally exposed applications, maintaining policy consistency, and reducing application-layer threats across more than 1,600 cloud accounts and increasing.

What You Will Do

• Take ownership of the full governance model for cloud WAF platforms across environments such as Azure WAF, AWS WAF, Cloudflare, Akamai, and similar services.
• Create and maintain security standards, policy structures, and global baselines that align with OWASP Top 10 guidance.
• Make sure WAF policies are deployed consistently across all internet-facing applications.
• Manage the lifecycle of WAF rules and policies across SaaS and hyperscaler-native platforms at scale.
• Work with OWASP Core Rule Set and custom rules, adjusting them to strengthen protection while minimizing false positives.
• Maintain broad WAF coverage across every web application ingress path.
• Investigate false-positive blocks and coordinate remediation with application owners.
• Handle rule creation, tuning, optimization, exception governance, and false-positive management.
• Promote the use of positive security models and stronger advanced protection controls.
• Lead response efforts for application-layer attacks and WAF-related incidents.
• Ensure security incidents are followed by timely root-cause analysis and preventive corrective actions.
• Coordinate blocking of indicators of compromise such as IPs, domains, and URLs across WAF and connected platforms.
• Monitor platform health, performance, latency, scalability, and overall stability.
• Troubleshoot block events, application connectivity problems, false positives, and resource usage concerns.

Experience and Qualifications

The role calls for 10 to 15 years of experience in network or application security, including at least 5 years working with WAF or application security platforms. Candidates should have operated in large enterprise setups and multi-cloud environments.

Technical Expertise Needed

Strong hands-on knowledge is expected across cloud WAF solutions such as Azure WAF, AWS WAF, Cloudflare, Akamai, F5, and Imperva. The role also requires solid understanding of reverse proxy design, Layer 7 controls, OWASP Top 10, attack signatures, bot mitigation, SSL/TLS inspection, HTTP headers, and API security.

Eligibility

Any graduate or B.Tech/B.E. in any specialization may apply.

Compensation

The advertised pay range is INR 13,00,000 to INR 20,00,000 per year.

Work Location

This position is based in Hyderabad, India.