• Design, deploy, and manage WAF solutions for on-premise and cloud-based platforms. • Develop and fine-tune WAF policies, rules, and signatures to mitigate known threats and application abuses as well as emerging threats. • Lead incident response efforts for web application and network attacks, including root cause analysis and remediation. • Monitor and analyze inbound web traffic to identify and respond to suspicious activities, ensuring real-time threat mitigation. • Collaborate with cross-functional teams to integrate WAF solutions into CI/CD pipelines and application architectures and focus on maturing WAF protections. • Maintain and optimize WAF configurations to balance security, performance, and user experience and enable process optimization and automation. • Be involved in regular security assessments, vulnerability scans, and penetration testing to identify gaps in WAF protection. • Maintain a close working relation with the Application Development team to ensure optimal protections are used for all new application releases. • Ensure adequate testing and validation has been performed for all protections and mitigations before rollout. • Mentor team members and provide guidance on WAF best practices and troubleshooting. • Stay current with emerging threats, vulnerabilities, and industry best practices to enhance WAF strategies. • Document WAF infrastructure, create and maintain design diagrams, configurations, policies, and incident reports to ensure compliance with regulatory requirements. • Ensure an always-on application delivery model by providing quick response and reaction to incidents and critical activities when needed. • Participate in on-call rotations to support 24/7 operations as needed. • Ensure application security practices and solution operations align with regulatory standards such as PCI-DSS, NIST.