About the Job

Security for Applications (SFA) is an organizational cluster of global security capabilities designed to safeguard software applications from potential threats. SFA is part of the wider Security Services group and core Information Security Operations pillar of Allianz Technology.

We are seeking a skilled and proactive Web Application Firewall (WAF) Specialist to join our cloud WAF team. The ideal candidate will play a crucial role in safeguarding our web applications and APIs against evolving cyber threats. You will be responsible for designing, implementing, optimizing WAF rules, responding to security incidents, working closely with DevOps and security teams to ensure robust protection for our web properties.

What you do

• Design, implement WAF rules to mitigate vulnerabilities and protect against OWASP Top 10 threats (e.g., XSS, SQLi etc).
• Configure and optimize WAF policies, including positive and negative security models. Monitor and adjust rate-limiting, IP allow/deny lists, and bot protection.
• Respond to security incidents, analyze logs and provide real-time WAF tuning to mitigate threats as well as conducting root cause analysis (RCA) for WAF-related incidents and recommending improvements.
• Use WAF tools and dashboards to monitor real-time threats and trends. Generate reports and provide insights to stakeholders on WAF effectiveness and security posture.
• Collaborate with DevOps, SecOps, and application development teams to ensure seamless integration of WAF into CI/CD pipelines.
• Regularly update WAF configurations to address new vulnerabilities, emerging threats and application changes whilst also conducting performance analysis to minimize latency impact while maintaining security.
• Document WAF configurations, incident handling procedures and best practices and train internal teams on Akamai security solutions and WAF configurations.

What you bring

• 3+ years of experience managing Web Application Firewalls. Experience with Akamai WAF and Akamai’s security solutions is a plus. 2+ years of experience as a web application developer, preferably using Java. Experience developing Jenkins jobs and using git source code repositories.
• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
• Hands-on experience mitigating OWASP Top 10 vulnerabilities and securing web applications/APIs. Security certification like CISSP or CEH will be added advantage.
• Experience with threat analysis, incident response and log monitoring with strong analytical and problem-solving skills.
• Familiarity with web application architectures, HTTP/HTTPS protocols, DNS, and CDNs as well as proficiency with scripting and automation tools (e.g., Python, Bash) to manage WAF configurations.
• Knowledge of SIEM tools, log analysis platforms (e.g., Splunk, Datadog), and traffic analysis tools.
• Excellent written and verbal communication skills with the ability to work collaboratively across teams in a multinational environment and manage multiple priorities in a fast-paced environment.
• Machine learning knowledge not required but is a plus.

What we offer

• We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad.
• We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location).
• From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered.
• Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach.

About Allianz Technology

With its headquarters in Munich, Germany, Allianz Technology is Allianz's global IT service provider and delivers IT solutions that drive the group's digitalization. With more than 11,000 employees in over 20 countries around the world, Allianz Technology is tasked to run, optimize, transform and innovate the infrastructure, applications and services together with Allianz companies to co-create the best customer experience.

We service the entire spectrum of digitalization – from one of the industry's largest IT infrastructure projects that spans data centres, networks and security, to application platforms ranging from workplace services to digital interaction.

In short: We deliver comprehensive end-to-end IT solutions for Allianz in the digital age. We are the backbone of Allianz.

Find us at: www.linkedin.com/company/allianz-technology.

Commitment to Integrity, Fairness & Inclusion

Allianz Group is one of the most trusted insurance and asset management companies in the world. Caring for our employees, their ambitions, dreams and challenges, is what makes us a unique employer. Together we can build an environment where everyone feels empowered and has the confidence to explore, to grow and to shape a better future for our customers and the world around us.

We at Allianz believe in a strong inclusive culture that encourages people to speak their minds, get involved and question the status quo. We are proud to be an equal opportunity employer and encourage you to bring your whole self to work, no matter where you are from, what you look like, who you love, or what you believe in. We therefore welcome applications regardless of race, ethnicity or cultural background, age, gender, nationality, religion, social class, disability, sexual orientation, or any other characteristics protected under applicable local laws and regulations.

To Recruitment Agencies

Allianz Technology has an in-house recruitment team that sources great candidates directly. Therefore, Allianz Technology does not accept unsolicited resumes from agencies or search firm recruiters.

When we do work with recruitment agencies, that engagement is formalized by a contract. Fees will only be paid when there is a contract in place. Without a contract in place, we will not accept invoices on unsolicited resumes, even if the candidate was ultimately employed by Allianz.

97708 | Operations | Professional | Non-Executive | Allianz Technology | Full-Time | Permanent