jobs in Happiest Minds Technologies

Happiest Minds Technologies Hiring! Full Time MODULE LEAD - WAF in Federal Territory - Ricebowl

MODULE LEAD - WAF

Happiest Minds Technologies

Undisclosed

KL City, Federal Territory

Share
Save

Working Location

  • Kuala Lumpur Federal Territory Malaysia

Job Description

Responsibilities

Senior WAF & Infrastructure Security Engineer

Experience Required

7?10 Years

Job Summary

We are seeking a highly skilled Senior WAF & Infrastructure Security Engineer with 7?10 years of cybersecurity experience to design, implement, and manage security controls across web applications, infrastructure, networks, and cloud environments. The ideal candidate will have strong expertise in Web Application Firewall (WAF) technologies, infrastructure security, vulnerability management, security hardening, and incident response.

This role requires hands-on technical expertise, strong analytical skills, and the ability to collaborate with application, cloud, infrastructure, and security teams to enhance the organization's security posture and protect critical business assets.

Key Responsibilities

Web Application Firewall (WAF) Security

  • Design, deploy, configure, and optimize enterprise WAF solutions.
  • Develop and maintain WAF policies, signatures, custom rules, and security controls.
  • Monitor and mitigate web-based attacks, including:
    • SQL Injection (SQLi)
    • Cross-Site Scripting (XSS)
    • Cross-Site Request Forgery (CSRF)
    • Remote Code Execution (RCE)
    • API attacks
    • Bot attacks and DDoS threats
  • Perform WAF tuning to reduce false positives and improve detection accuracy.
  • Support application onboarding and security assessments for internet-facing applications.
  • Conduct security reviews and recommend controls aligned with OWASP standards.
Infrastructure Security

  • Implement and maintain security controls across servers, networks, virtualization platforms, and cloud environments.
  • Perform security hardening for Windows, Linux, web servers, databases, and middleware platforms.
  • Review and manage firewall rules, network segmentation, IDS/IPS, and secure access controls.
  • Conduct infrastructure security assessments and recommend remediation actions.
  • Support secure architecture reviews and deployment of new infrastructure components.

Vulnerability & Risk Management

  • Lead vulnerability assessments using enterprise security tools.
  • Analyze and prioritize vulnerabilities based on business risk and threat exposure.
  • Coordinate remediation efforts with infrastructure, cloud, and application teams.
  • Track remediation activities and ensure compliance with defined SLAs.
  • Monitor security advisories, CVEs, and emerging threats.

Security Monitoring & Incident Response

  • Investigate security alerts, suspicious activities, and potential security incidents.
  • Perform root cause analysis and support incident response activities.
  • Collaborate with SOC teams to strengthen threat detection and response capabilities.
  • Develop and improve security monitoring use cases and detection mechanisms.

Cloud Security

  • Implement and maintain security controls within AWS, Azure, or GCP environments.
  • Review cloud configurations and identify security risks.
  • Support cloud security assessments and compliance initiatives.
  • Implement security best practices for hybrid and multi-cloud environments.

Governance & Compliance

  • Support security audits, compliance assessments, and regulatory requirements.
  • Develop security documentation, standards, and operational procedures.
  • Create security reports, dashboards, and risk metrics for stakeholders.
  • Ensure adherence to security frameworks and organizational policies.

Required Technical Skills

WAF Technologies

Hands-on Experience With One Or More Of

  • F5 Advanced WAF (ASM)
  • Imperva WAF
  • Akamai Kona Site Defender
  • Cloudflare WAF
  • AWS WAF
  • Azure Web Application Firewall

Infrastructure Security

  • Windows and Linux Security Administration
  • Infrastructure Hardening
  • Network Security
  • Firewall Management (Palo Alto, Fortinet, Check Point, Cisco Firepower)
  • IDS/IPS Technologies
  • VPN and Remote Access Security
  • Secure Network Segmentation

Vulnerability Management

  • Qualys VMDR
  • Tenable Nessus/*************
  • Rapid7 InsightVM
  • Vulnerability Assessment and Risk Prioritization

Security Monitoring

  • Splunk
  • QRadar
  • Microsoft Sentinel
  • Log Analysis and Threat Detection

Cloud Security

  • AWS Security Services
  • Microsoft Azure Security Services
  • Cloud Security Architecture and Best Practices

Security Frameworks

  • OWASP Top 10
  • CIS Benchmarks
  • NIST Cybersecurity Framework
  • ISO 27001
  • MITRE ATT&CK Framework

Preferred Skills

  • API Security
  • DDoS Protection Solutions
  • Scripting and Automation (Python, PowerShell, Bash)
  • DevSecOps and CI/CD Security
  • Terraform or Ansible
  • Zero Trust Security Architecture

Qualifications

  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field.
  • 7?10 years of experience in Infrastructure Security, Network Security, Security Engineering, or Cybersecurity.
  • Minimum 3?5 years of hands-on experience managing enterprise WAF solutions and infrastructure security technologies.

WAF

Important Information

Never provide your bank or credit card details when applying for jobs. Do not transfer any money or complete unrelated online surveys. If you see something suspicious, Report this Job ad.

Learn More