WAF & Application Security SME @ Mindbox Sp.z.o.o.

Several years of experience in WAF management, tuning, and engineering (e.g., Akamai, F5, AWS, GCP – at least 3 solutions). Strong understanding of web application security principles and hands-on experience in SOC/CSIRT, AppSec, or Ethical Hacking. Proficiency in log analysis (e.g., Splunk, Wireshark, custom scripts). Ability to develop, test, and recommend WAF policies and rules tailored to various applications and environments. Experience working with DevSecOps teams and integrating security solutions. Competence in maintaining comprehensive documentation for WAF procedures and configurations. Proactive, detail-oriented, and able to thrive in a dynamic environment. Excellent communication skills – able to articulate technical concepts to both technical and non-technical stakeholders. Up-to-date knowledge of web security threats and trends. Creating an inspiring place to thrive for the talented, we use their expertise and courage to introduce the technology of the future into your business. - This is the foundation of Mindbox and the goal of our business and technology journey. We operate and develop in four areas: 🤖 Autonomous Enterprise - automation of business processes using RPA, OCR, and AI. 🌐Business Managment Systems ERP - we implement, adapt, optimize, and maintain flexible, safe, and open ERP of production and distribution companies worldwide. 🤝Talent Network - we provide access to the best specialists. ☁️ Modern Architecture - we build integrated, sustainable, and open CI / CD environments based on containers enabling safe and more frequent delivery of proven changes in the application code. We treat technology as a tool to achieve a goal. Thanks to our consultants' reliability and proactive approach, initial projects usually become long-term cooperation. For over 16 years, it has provided various services to support clients in digital transformation. #LI-Hybrid About the Role: Join a team of experts responsible for elevating the security of web applications at one of the world’s largest financial organizations. As a WAF & Application Security SME, you will play a key role in designing, testing, and implementing advanced Web Application Firewall (WAF) solutions, as well as enhancing the security posture of internet and internal applications and APIs. We Offer: Work in an international environment on innovative cybersecurity projects. Opportunities for professional growth and collaboration with experts from around the world. Remote or hybrid work model. Participation in projects with global impact and high organizational visibility. Interested candidates are invited to submit their CV in English. We will contact selected applicants. ,[Identify and craft complex custom WAF rules and features to mitigate security gaps., Design and execute efficacy testing for baseline and custom rules, integrating tests into CI/CD automation pipelines., Provide SME support for security testing, WAF Proofs of Concept, new features, and solutions., Analyze logs, detect and mitigate false positives, and optimize WAF rules for accuracy and performance., Document WAF tuning procedures, policies, and configurations., Collaborate with DevSecOps, engineering, SOC/CSIRT, and other technical teams., Conduct regular audits and assessments of WAF configurations for compliance with best practices and industry standards., Stay up-to-date with the latest web security threats and trends., Proactively identify and address threats and false positives., Support seamless integration of WAF solutions into existing security infrastructure.  ] Requirements: WAF, Akamai, F5, AWS, GCP, Web application security, Splunk, Wireshark, Communication skills Additionally: Sport subscription, Private healthcare, International projects, Free coffee.