Senior Engineer - Security Research

Job Description :

- Create signatures for Indusface WAS & WAF product to detect & protect Web applications vulnerabilities.

- Research evolving web attacks, CVEs, and evasion techniques targeting web apps and APIs and generate detection logic based on real-world payloads and tools.

- Build behaviour-based logic, anomaly scoring, and payload inspection for advanced threats.

- Design and prototype new WAF product security features such as : Bot, DDOS, WAAP, etc.

- Outstanding problem solving and troubleshooting skills are a must, as solutions to many problems might not be obvious.

- Drive the end-to-end release process for WAF detection updates and product features.

- Coordinate with DevOps/Release teams to validate rollout on staging and production.

- Monitor post-release impact and lead fixes for regressions or tuning issues.

- Trouble-shooting customer cases & provide timely solutions and write RCAs wherever necessary.

- Developing Security tools, automation to ease manual/repeated work to increase efficiency in providing the solution.

Candidate Profile :

- 5-10 years of vulnerability analysis, research and developing IPS/IDS/WAF signature writing experience (Snort experience will be add-on).

Good understanding of :

- Firewalls, proxies, SIEM, antivirus, and IDPS concept

- Windows & Linux operating systems (REDHAT)

- Network security, network layers (OSI Layer-3 and Layer-4)

- Protocols like TCP/IP, DNS, HTTP, HTTPS, SSH etc.

- Network Penetration testing and techniques

- Identify and mitigate network vulnerabilities and explain how to prevent them

- Programming languages like C/C++ or Python

Hands-on experience in :

- Research on 0days, critical vulnerabilities, exploits in wild, discover new vulns

- Web-app security (SQL Injection, XSS, CSRF etc.), OWASP-10, SANS Top 25

- Network analysis tools like tcpdump, Wireshark, Burpsuite and assisting tools like Debuggers, Hex Editors, etc.

- Crafting Regular Expressions, Verification & Validation

- Vulnerability scanners, IDS/IPS, Application Firewall, VAPT tools : Metasploit, Nessus, etc.

- Analysing existing or writing new POCs

- DOS attacks, Bot attacks, API based attacks & its exploitation/testing tools

- Experience with ML-assisted detection or behavioral security models

- Contributions to open-source security tools or research publications

- Certifications (e.g., OSWE, GWAPT, CEH, CISSP) are a plus

- Effective written and verbal communication skills.

Good to have :

- Knowledge on ModSecurity and Rule writing

- Understanding of Lua, nginx, Apache

- Developing security related tools/programs.

- Knowledge on Cloud infrastructure services, Virtualization software (VMWare , Virtual PC/ Virtual Box , XEN , etc)

- Experience in any of Java, Test NG, Linux Scripting, shell scripting, Python, Perl

- Experience/Knowledge in Amazon Web Services