e& Enterprise
Sr. Engineer – Application & End Point Security
- Permanent
- Abu Dhabi, United Arab Emirates
- Experience 2 - 5 yrs
Job expiry date: 16/04/2026
Job overview
Date posted
02/03/2026
Location
Abu Dhabi, United Arab Emirates
Salary
AED 20,000 - 30,000 per month
Compensation
Comprehensive package
Experience
2 - 5 yrs
Seniority
Senior & Lead
Qualification
Professional qualification
Expiration date
16/04/2026
Job description
The Sr. Engineer – Application & End Point Security role in Abu Dhabi is responsible for the end-to-end implementation, configuration, monitoring, and maintenance of WAF (Web Application Firewalls) for internal and external customers. This role ensures protection of web applications against cyber threats and vulnerabilities, including OWASP Top 10 attacks. The position collaborates with cybersecurity teams, SOC, and incident response teams, performing security enhancements, evaluating exceptions, and integrating WAF with broader security controls such as SIEM, PAM, RSA, and SolarWinds. Responsibilities include tuning security profiles, upgrading WAF deployments, monitoring system resources, managing certificates and licenses, performing security assessments, and maintaining updated documentation. The role requires deep knowledge of web application security, network protocols, firewall technologies, web server platforms, and scripting for automation and customization.
Required skills
Key responsibilities
- Provision web applications on WAF end-to-end, including requirements gathering, scope definition, and creation of tailored security profiles
- Fine-tune security policies by rigorously testing web application flows to minimize false positives for effective SOC monitoring
- Perform security enhancements on existing WAF-protected applications ensuring minimal impact on live traffic
- Analyze attack logs and update security profiles to suppress false positives for ongoing monitoring
- Monitor and update web application certificates on WAF to prevent service disruption
- Evaluate exceptions and whitelistings for security impact before implementation on WAF
- Conduct regular security assessments and audits to validate WAF configuration effectiveness
- Support SOC/Incident Response teams with attack logs for ongoing investigations
- Monitor WAF system resources such as CPU, memory, and disk utilization, and flag issues proactively
- Implement corrective and remedial measures for newly discovered WAF security vulnerabilities
- Plan, test, and execute WAF upgrades to stable versions, ensuring minimal impact to protected applications
- Maintain detailed documentation of WAF HLD, LLD, configurations, security policies, application status, and ownership
- Monitor licenses and vendor contract expirations, and communicate with stakeholders accordingly
- Perform backup restoration drills and ensure periodic backups to remote servers are operational
- Deploy dedicated WAF instances for special projects with customized security policies
- Integrate WAF deployments with security tools including SIEM, PAM, RSA, and SolarWinds
- Identify unusual activity and attacks through administrative and security alert monitoring
- Highlight operational challenges and current issues in all WAF deployments
- Apply compensatory security controls when issues cannot be fixed at the application level
Experience & skills
- BS in Computer Science, Information Technology, or related field
- Certified Ethical Hacker (CEH) or similar certification preferred
- Proven experience administering and managing WAF, specifically FortiWeb
- In-depth understanding of web application security principles and OWASP Top 10 vulnerabilities
- Strong knowledge of network protocols, firewall technologies, and web server platforms
- Experience with scripting languages for automation and WAF configuration customization
- Excellent analytical and problem-solving skills for complex security issues
- Effective communication skills to collaborate with cross-functional teams and convey technical concepts to non-technical stakeholders