ITC Infotech - L3 Web Application Firewall Lead - Cloudflare Certified

Preferred location : Mumbai / Pune.

L3 Web Application Firewall Lead (Cloudflare WAF)

Job Summary :

ITCI Cyber Security team is looking for the role who is operational excellence and strategic configuration of Cloudflare WAF, focused on protecting public-facing web assets. The individual will ensure accurate ruleset deployment, threat intelligence tuning, and real-time attack mitigation. Additionally, the role requires extensive engagement with application owners and dev teams to fine-tune security without compromising performance.

Key Responsibilities :

- Manage Cloudflare WAF policies and rulesets to protect financial web apps from OWASP Top 10 threats and zero-day exploits.

- Oversee rule tuning, false positive management, and configuration of Bot Mitigation, Rate Limiting, and DDoS Protection.

- Participate in vulnerability remediation cycles, ensuring virtual patching through WAF policies.

- Conduct monthly policy reviews, perform simulated attacks for resilience validation, and apply version updates as needed.

- Document all policy configurations, rationales, and threat detection results for audit and governance.

- Work with developers and AppSec teams to align WAF policies with application behaviour and threat models.

- Troubleshoot web traffic issues, SSL certificate renewals, and secure CDN operations.

- Provide architectural input on securing new applications and APIs through Cloudflare WAF.

- Support incident response activities, forensic analysis, and ensure high availability of WAF configurations.

Key Skills & Certifications :

- 8+ years in application or network security; 3+ years Cloudflare WAF experience.

- Strong hands-on with OWASP, HTTP/HTTPS protocols, TLS configurations, and Cloudflare dashboards.

- Cloudflare Certified, CEH, or OSWE preferred.

- In-depth understanding of RBI and SEBI appsec controls and web access compliance