Cloud Cybersecurity Engineer

Role: Imperva Security Engineer / WAF & API Security Specialist Location: Remote Experience: 5-8 Years Duration: 3 months (possible extension) We are looking for an experienced Imperva Security Engineer with strong expertise in Web Application Firewall (WAF), Advanced Bot Protection (ABP), DDoS mitigation, and API security. The ideal candidate will be responsible for implementing, managing, and optimizing Imperva security controls to protect web applications, APIs, and infrastructure from malicious traffic and evolving cyber threats. Key Responsibilities Imperva WAF (Web Application Firewall) • Configure, manage, and optimize Imperva WAF policies for multiple websites and APIs. • Review and tune security policies to reduce false positives while maintaining strong protection. • Perform log analysis and investigation of WAF-triggered events. Imperva Advanced Bot Protection (ABP) • Configure, monitor, and maintain ABP policies for websites and APIs. • Analyze ABP traffic patterns to identify suspicious or malicious bot activity. • Create custom ABP rules to block unwanted automated traffic. • Tune ABP settings to mitigate credential stuffing, scraping, and automated attacks. Imperva DDoS Protection • Configure and manage DDoS protection settings for websites and network endpoints. • Monitor DDoS events and coordinate mitigation strategies. • Work with Imperva SOC and internal teams during DDoS incidents. Imperva ACL Policies • Create, update, and maintain ACL rules to allow or block traffic by IP, subnet, geolocation, or custom conditions. • Conduct periodic reviews of ACL entries to ensure accuracy and security. Dashboarding & Log Analytics • Build and maintain custom dashboards in Imperva for ABP, WAF, and traffic monitoring. • Use available filters and fields to derive insights into traffic trends, anomalies, and potential threats. • Provide detailed traffic and attack pattern reports to stakeholders. Threat Analysis & Security Operations • Identify malicious, suspicious, or anomalous traffic patterns through log analysis. • Implement mitigation strategies such as custom WAF/ABP rules or ACL updates. • Collaborate with application teams to validate the impact of blocking rules. API Security • Configure and manage API security policies within Imperva. • Onboard new APIs and ensure proper schema validation, authentication, and rate-limiting policies. • Monitor API traffic for anomalies, abusive patterns, or attacks such as injection or misuse. Required Skills • Strong hands-on experience with Imperva Cloud WAF, ABP, DDoS, and API Security. • Good understanding of HTTP/S, DNS, TCP/IP, and networking fundamentals. • Experience analyzing logs and identifying attack patterns. • Ability to write custom rules (e.g., Regex-based, ABP rule conditions, ACL conditions). • Familiarity with web application architectures and API frameworks. • Strong troubleshooting and incident response skills. Nice-to-Have • Experience with SIEM tools (Splunk, ELK, etc.). • Scripting knowledge (Python, Shell) for automation. • Experience with CDN or cloud security platforms (Akamai, AWS CloudFront) Pay: Up to $55.00 per hour Expected hours: 40.0 per week Work Location: Remote Apply tot his job