The WAF Security Engineer is responsible for operating, securing, and evolving the organization’s application exposure and protection platforms .
The role focuses on Web Application Firewalls (WAF) , reverse proxies , anti-DDoS , and external access services , ensuring the confidentiality, integrity, and availability of business-critical applications.
The engineer works closely with network, security, and application teams to protect Internet-facing services against Layer-7 threats , bots, abuse patterns, and volumetric or application-level attacks.
Responsibilities :
WAF & Application Security Operations
- Operate and maintain multi-vendor WAF platforms (F5, ADC Netscaler & AWS).
- Design, configure, and maintain application security policies , including :
- Positive and negative security models
- Signature-based protection and behavioral analysis
- Bot mitigation, brute-force protection, and abuse prevention
- Manage the full lifecycle of WAF rules : creation, tuning, validation, deployment, and optimization.
- Analyze and reduce false positives / negatives while maintaining application availability and performance.
Reverse Proxy & External Access Services
Operate reverse proxy and external access gateways ( F5, ADC Netscaler & AWS ).Manage SSL / TLS offloading , certificate lifecycle, and cryptographic standards.Support secure application exposure across DMZ, on-premise, private cloud, and hybrid environments .Anti-DDoS & Resilience
Support anti-DDoS solutions (AWS-based and ISP-managed services) integrated with WAF platforms.Participate in attack mitigation strategies for volumetric and application-layer threats.Security Operations & Governance
Monitor security events, alerts, and dashboards related to WAF and external access services.Handle incident and problem management , including troubleshooting, root cause analysis (RCA), and post-incident reports (PIR).Participate in change and configuration management , including upgrades, patches, and controlled rollouts.Maintain operational documentation, architecture diagrams, and configuration inventories.Coordinate with vendors and third parties for escalations and technical support.Experience :
7+ years of experience in network and application security operations .Strong hands-on experience with Web Application Firewalls (F5, NetScaler).Solid understanding of HTTP / S, SSL / TLS, web architectures, and application flows .Experience securing Internet-facing applications in large, multi-site enterprise environments.Additional experience or knowledge in the following technologies is considered a strong asset :
Network Firewalls (Fortinet FortiGate, CheckPoint).Secure remote access and VPN solutions (Cisco ASA / AnyConnect).Identity and access services (Cisco ISE, RSA MFA).Network security management and policy analysis tools.Secure DNS, IPAM, and infrastructure services.Fluent in English, knowledge of FrenchOur Offer :
An attractive salary package with or without a company car5 additional vacation days each yearA dedicated training program with personal development plansExtra-legal advantages (IT material, banks, ...)Regular events with the CTG team : learning lunchs, team buildings, fun events, Xmas, Marathons, ...If you like multicultural teams and want to join a company with open communication, then apply right now !
Please note that a criminal record will be asked for this position.
