The WAF Operations Solution Engineer role at EY focuses on implementing and managing Web Application Firewall (WAF) solutions to protect client applications from cyber threats. You will work within a team of cybersecurity professionals to establish effective security measures and ensure the integrity of web applications. This position involves monitoring application traffic, analyzing security events, and responding to incidents. You will also collaborate with cross-functional teams to enhance the overall security posture of web applications.

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field preferred.
• 3-5 years of experience in web application security operations, with a focus on WAF management.
• Hands-on experience with WAF solutions such as Cloudflare and Imperva is required.
• Proficiency in using Terraform for infrastructure automation is preferred.
• Strong understanding of web application protocols, security principles, and best practices.
• Familiarity with ITIL processes and ticketing systems for incident management.
• Relevant certifications (e.g., CISSP, Security+) are a plus.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and collaboratively in a fast-paced environment.

• Configure, manage, and optimize WAF solutions to establish effective security controls for web applications.
• Provide ongoing operational coverage of web application firewalls, ensuring they function correctly and efficiently.
• Monitor application traffic and security events to identify potential threats and vulnerabilities.
• Conduct thorough analysis of security incidents, including root cause analysis and remediation efforts.
• Collaborate with incident response teams to investigate and respond to security incidents in a timely manner.
• Develop and maintain WAF policies, rules, and documentation to align with best practices and compliance requirements.
• Provide support for security audits and assessments, promoting adherence to security standards and policies.
• Stay current with emerging threats, vulnerabilities, and security technologies to enhance the organization's security posture.
• Utilize various WAF solutions, including Cloudflare and Imperva, for implementation and management, ensuring optimal configuration and performance.
• Leverage Terraform for infrastructure as code (IaC) to automate the deployment and management of WAF solutions.
• Mentor junior engineers and provide guidance on WAF management and incident response processes.

• Ernst & Young (EY) offers a comprehensive and competitive benefits package designed to support the well-being of its employees across various dimensions.