Infrastructure Engineer - Networking & WAF Specialist

Motorola Solutions · Bangalore, India

Company Overview

At Motorola Solutions, we believe that everything starts with our people. We’re a global close-knit community, united by the relentless pursuit to help keep people safer everywhere. We build and connect technologies to help protect people, property and places. Our solutions foster the collaboration that’s critical for safer communities, safer schools, safer hospitals, safer businesses, and ultimately, safer nations. Connect with a career that matters, and help us build a safer future.


Department Overview

The Core Platforms & Services team is responsible for the development and operations of critical cloud infrastructure and platform services, in support of Motorola Solutions' public and hybrid cloud-based Software as a Service (SaaS) solutions for public safety customers. This team is part of Motorola Solutions’ Software Enterprise division, which offers secure, reliable and efficient team communications, workflow and operational intelligence solutions for mission critical public safety and enterprise markets throughout the world. Our services leverage Cloud Computing infrastructure on Azure, AWS & GCP to build at scale.


Job Description

We are looking for a highly skilled and motivated Infrastructure Security Specialist to join our core Infrastructure team. This role is critical in defining and securing the architecture of our hybrid environment, encompassing both multi-cloud platforms and on-premise data centers. The ideal candidate will possess deep technical expertise in Web Application Firewalls (WAF) and the F5 ecosystem, with a strong focus on enforcing "Security as Code" and proactively managing the security posture of our infrastructure pipelines and runtime environments.


Basic Requirements

Key Responsibilities

1. WAF & Application Security Architecture

  • WAF Engineering: Architect and manage the F5 and Signal Sciences WAF infrastructure. Move beyond basic setup to perform continuous threat modeling and rule tuning to minimize false positives while blocking active attacks.

  • Traffic Policy Enforcement: Translate complex business logic into secure traffic policies. Develop custom rules to mitigate OWASP Top 10 threats, bots, and zero-day vulnerabilities immediately upon discovery.

  • Attack Surface Reduction: Regularly audit and harden public-facing endpoints to ensure no unauthorized services are exposed to the internet.

2. Hybrid Network Security

  • Secure Ingress Operations: Manage Kubernetes Ingress (F5 Nginx) with a focus on TLS/SSL termination, mutual TLS (mTLS) for service-to-service communication, and certificate rotation rather than just load balancing.

  • Micro-segmentation: Design network policies that isolate critical on-premise databases from public cloud front-ends, strictly enforcing "Least Privilege" network access.

  • Hybrid Connectivity Security: Secure the interconnects (VPN/Direct Connect) between on-prem data centers and Cloud (AWS/GCP/Azure), ensuring encrypted and authenticated transit.

3. Infrastructure Hardening & Compliance

  • OS & Container Hardening: Responsible for the security configuration of base images and VM templates. Implement CIS Benchmarks and ensure all deployed assets match strict security baselines before they go live.

  • Vulnerability Management: Own the lifecycle of vulnerability remediation. Prioritize remediation based on threat intelligence and ensure critical CVEs are resolved within SLAs.

  • Drift Detection: Implement tools to detect configuration drift. If a server’s security setting is changed manually, your systems should detect and revert it automatically.

4. DevSecOps

  • Security Observability: Configure SIEM forwarding and alerts for WAF and Network logs. You are responsible for detecting anomalies (like data exfiltration attempts or unusual traffic spikes), ensuring actionable intelligence is derived from system logs.

  • Policy as Code: Write and enforce security policies (using tools like OPA or Sentinel) that automatically reject non-compliant Infrastructure as Code (Terraform/Ansible) commits.

  • Pipeline Security Integration: Embed security gates (SAST, SCA, Container Scanning) into the CI/CD pipeline. Ensure that developers cannot deploy vulnerable code or images by accident.

Required Qualifications

  • Experience: 10+ years in Infrastructure Security, Network Security, or DevSecOps.

  • Primary Tech Stack: Deep expertise in F5 (LTM/ASM/AFM) and Nginx Ingress Controller.

  • Security Domain: Strong grasp of WAF tuning, Micro-segmentation, DDoS mitigation strategies, and Zero Trust Networking principles.

  • Hybrid Skills: Proven ability to secure complex environments that span physical data centers and public clouds (AWS/GCP/Azure).

  • Tooling: Experience with Security as Code tools (Terraform, OPA) and Pipeline Security scanners (e.g., Snyk, Trivy, or SonarQube).

Preferred Qualifications

  • Experience writing custom WAF rules (iRules, ModSecurity).

  • Service Mesh: Familiarity with mTLS and service mesh concepts (e.g., Istio or Linkerd) for secure ingress.

  • Certifications: CISSP, CKS (Certified Kubernetes Security Specialist), or F5 Certified Technology Specialist.

  • Scripting (Python/Go) specifically for security automation tasks.


Travel Requirements

None


Relocation Provided

None


Position Type

Experienced

Referral Payment Plan

No

EEO Statement

Motorola Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion or belief, sex, sexual orientation, gender identity, national origin, disability, veteran status or any other legally-protected characteristic. 

We are proud of our people-first and community-focused culture, empowering every Motorolan to be their most authentic self and to do their best work to deliver on the promise of a safer world. If you’d like to join our team but feel that you don’t quite meet all of the preferred skills, we’d still love to hear why you think you’d be a great addition to our team.

Apply →