Job Title: L2 Application Delivery Engineer (F5, NetScaler, Azure WAF)

Experience Level: 3–6 Years

Location: RCP, Ghansoli, Navi Mumbai

Payroll : Quess Corp Ltd

1. Job Summary:

We are seeking an experienced L2 Network Security Engineer specializing in Application Delivery Controllers (ADC) and Web Application Firewalls (WAF). The ideal candidate will bridge the gap between Networking and Application teams, managing traffic flow for business-critical applications on F5 LTM/ASM, Citrix NetScaler, and Azure Cloud. He will be responsible for VIP creation, SSL offloading, WAF policy tuning, and troubleshooting complex HTTP/S traffic flows.

2. Key Responsibilities

A. Load Balancer Operations (LTM / ADC)

· Traffic Management: Configure and manage Virtual IPs (VIPs), Server Pools, Health Monitors, and Load Balancing methods (Round Robin, Least Connection).

· Content Switching: Create and modify Layer 7 policies (URL redirection, Header insertion) using F5 iRules or NetScaler AppExpert.

· SSL/TLS Management: Manage the full lifecycle of SSL certificates (CSR generation, Installation, Renewal) and configure SSL Offloading/Bridging.

· Maintenance: Perform firmware upgrades, hotfix patching, and backups for F5 BIG-IP and Citrix ADC appliances.

B. WAF & Security Operations (ASM / Azure)

· Policy Management: Manage WAF policies for F5 ASM (Advanced WAF) and Azure Web App Firewall.

· Threat Mitigation: Monitor and block OWASP Top 10 vulnerabilities (SQL Injection, XSS, CSRF) while minimizing false positives.

· Tuning: Move WAF policies from "Transparency/Learning" mode to "Blocking" mode by analyzing violation logs.

· DDoS Defense: Configure Rate Limiting and Geo-blocking to protect public-facing applications.

C. Cloud Load Balancing (Azure)

· Azure Networking: Configure Azure Application Gateway, Azure Front Door, and Azure Load Balancer for cloud-native apps.

· Hybrid Routing: troubleshoot traffic flow between On-Premise ADCs and Azure resources via ExpressRoute/VPN.

D. Infrastructure Support

· GSLB: Manage Global Server Load Balancing (F5 DNS/GTM) for Disaster Recovery (DR) failover between datacenters.

· Troubleshooting: Use tools like Tcpdump, Wireshark, and F5/NetScaler CLI to analyze packet drops and latency.

3. Technical Skills (Required)

· Core ADC Platforms: Hands-on expertise with F5 BIG-IP (LTM/DNS) and Citrix NetScaler (ADC). (Radware knowledge is a plus).

· WAF Expertise: Strong understanding of F5 ASM or Azure WAF Policy tuning, signatures, and violation analysis.

· Cloud Networking: Experience with Azure VNet, NSGs, and Application Gateway (v2).

· Protocols: Deep knowledge of HTTP/1.1 vs HTTP/2, SSL Handshake, DNS, and TCP/IP.

· Scripting: Familiarity with Python or Bash for basic automation; reading F5 iRules is mandatory.

· Certificates: Knowledge of PKI, CA, SAN certificates, and Chain of Trust.

4. Soft Skills & Competencies

· Attention to Detail: Critical when applying WAF policies to avoid blocking legitimate business traffic.

· Crisis Management: Ability to stay calm during high-pressure application outages.

· Collaboration: Working closely with App Developers to understand application behavior for custom health checks.

5. Qualifications

· Education: Bachelor’s degree in IT or relevant Diploma.

· Experience: 4–5 years in Network Security or Application Delivery.

· Certifications (Preferred):

o F5-CTS (Certified Technology Specialist)

o Citrix CCP-N (Certified Professional - Networking)

o Azure Network Engineer Associate (AZ-700)