- Create signatures for Indusface WAS & WAF product to detect & protect Web applications vulnerabilities.

- Research evolving web attacks, CVEs, and evasion techniques targeting web apps and APIs and generate detection logic based on real-world payloads and tools.

- Build behaviour-based logic, anomaly scoring, and payload inspection for advanced threats.

- Design and prototype new WAF product security features such as : Bot, DDOS, WAAP, etc.

- Outstanding problem solving and troubleshooting skills are a must, as solutions to many problems might not be obvious.

- Drive the end-to-end release process for WAF detection updates and product features.

- Coordinate with DevOps/Release teams to validate rollout on staging and production.

- Monitor post-release impact and lead fixes for regressions or tuning issues.

- Trouble-shooting customer cases & provide timely solutions and write RCAs wherever necessary.

- Developing Security tools, automation to ease manual/repeated work to increase efficiency in providing the solution.

Candidate Profile :

- 5-10 years of vulnerability analysis, research and developing IPS/IDS/WAF signature writing experience.

- Good understanding of :

1. Firewalls, proxies, SIEM, antivirus, and IDPS concepts

2. Windows & Linux operating systems (REDHAT)

3. Network security, network layers (OSI Layer-3 and Layer-4)

4. Protocols like TCP/IP, DNS, HTTP, HTTPS, SSH etc.

5. Network Penetration testing and techniques

6. Identify and mitigate network vulnerabilities and explain how to prevent them

7. Programming languages like C/C++ or Python

- Hands-on experience in :

i. Research on zero days, critical vulnerabilities, exploits in wild, discover new vulns

ii. Web-app security (SQL Injection, XSS, CSRF etc.), OWASP-10, SANS Top 25

iii. Network analysis tools like tcp dump, Wireshark, Burp suite and assisting tools like Debuggers, Hex Editors, etc.

iv. Crafting Regular Expressions, Verification & Validation

v. Vulnerability scanners, IDS/IPS, Application Firewall, VAPT tools : Metasploit, Nessus, etc.

vi. Analysing existing or writing new POCs

vii. DOS attacks, Bot attacks, API based attacks & its exploitation/testing tools

- Experience with ML-assisted detection or behavioural security models

- Contributions to open-source security tools or research publications

- Certifications (e.g., OSWE, GWAPT, CEH, CISSP) are a plus

- Effective written and verbal communication skills.

Good to have :

- Knowledge on Mod Security and Rule writing

- Understanding of Lua, nginx, Apache

- Developing security related tools/programs.

- Knowledge on Cloud infrastructure services, Virtualization software (VMWare , Virtual PC/ Virtual Box , XEN , etc)

- Experience in any of Java, Test NG, Linux Scripting, shell scripting, Python, Perl

- Experience/Knowledge in Amazon Web Services