Network Security Specialist Senior (WAF)

WorldPay
Denver, United States of America
11 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English
Experience level
Senior
Compensation
$ 193K

Job location

Denver, United States of America

Tech stack

Microsoft Access
API
Application Firewall
Cloud Computing
Continuous Integration
DDoS Mitigation
DNS
Hypertext Transfer Protocols (HTTP)
Python
Network Security
Routing
Akamai
Zero Trust Network Access
Reverse Proxy
Security Information and Event Management
TCP/IP
Data Logging
Transport Layer Security
Computer Network Operations
Software Security
Cloudflare
Terraform
Ddos

Job description

This position is not eligible for visa sponsorship, now or in the future. Candidates must be a US Citizen or Green Card Holder, Make your mark at one of the biggest names in payments. We're looking for a Network Security Engineer Specialist to join our ever-evolving Edge&Network Security team and help us unleash the potential of every business.

This role is to strengthen and evolve our web application firewall, edge security, and application protection platforms across a global enterprise environment. This is a hands-on technical leadership role focused primarily on WAF, edge security, application-layer controls, bot mitigation, API protection, and traffic inspection.

Our core platforms include Akamai and Cloudflare technologies, including WAF policies, managed and custom rules, bot protection, rate limiting, API security, DDoS-adjacent controls, security analytics, and edge traffic protection.

This role supports business-critical applications and services across a global environment. You will lead engineering and delivery efforts, improve service reliability, reduce false positives, mentor other engineers, and act as a technical escalation point during high-severity incidents involving WAF, edge security, application access, or related network security services.

This is an engineering-first role, with approximately 80% of time focused on design, implementation, tuning, and operational improvement, and approximately 20% supporting incident mitigation and high-severity response.

On-Call Expectations: Participate in a rotating on-call schedule for incidents. Act as a senior escalation point for major issues affecting WAF, edge security, application protection, or related network security services. Contribute to post-incident analysis and ensure durable corrective actions are implemented. Participate in readiness activities, operational reviews, and resilience improvements for critical edge and application security services.

On-Call Schedule:

Weekdays: 10 am - 10 pm ET (rotates between 4 colleagues)

Weekends: 10 pm Friday - 10 pm Sunday ET ( rotates between 7 colleagues)

What you'll own

  • Lead engineering and continuous improvement for WAF and edge security platforms, with primary focus on application protection, bot mitigation, API protection, and related controls across a global enterprise environment.

  • Administer, harden, and optimize Akamai and Cloudflare platforms, including WAF policies, managed rules, custom rules, rate limiting, bot controls, API security, and security analytics.

  • Design, maintain, and tune scalable WAF security policies for internet-facing applications, including traffic inspection, threat protection, allow/block logic, exception handling, and false-positive reduction.

  • Drive reliable and secure platform changes through safe rollout planning, validation, rollback readiness, post-change review, and operational standardization.

  • Serve as a technical lead and escalation point for complex WAF issues, high-risk changes, application access problems, and high-severity incidents.

  • Partner with internal teams and vendors to improve service reliability and visibility, including SOC/IR, Application Security, Network Operations, infrastructure, application teams, and vendors; improve logging, telemetry, SIEM integration, runbooks, metrics, and durable vendor resolutions.

Requirements

  • Bachelor's degree in a related field and 12+ years of experience, or equivalent practical experience.

  • Experience in network security, application security, edge security, or security engineering roles within enterprise environments.

  • Strong hands-on experience with WAF technologies, especially Akamai and Cloudflare, including managed rules, custom rules, bot protection, rate limiting, API protection, and security analytics.

  • Experience with WAF policy design and operations, including application onboarding, traffic inspection, rule tuning, exception handling, troubleshooting, and false-positive reduction.

  • Strong networking and security fundamentals, including TCP/IP, TLS, DNS, HTTP/S, certificates, routing, NAT, CDN/reverse proxy concepts, and zero trust.

  • Experience supporting large-scale global environments, serving as a senior escalation point during major incidents, mentoring engineers, reviewing work, and communicating effectively across teams.

It's a bonus if you have

  • Experience with Terraform, Python, CI/CD, APIs, or automation for security platforms.

  • Familiarity with SWG, Proxy, SASE, Secure Access, Zscaler, Prisma Access, or Palo Alto technologies.

  • Experience with F5 Distributed Cloud (XC) DDoS protection, CDN traffic management, or hybrid edge architectures.

  • Exposure to regulated environments or relevant certifications such as Akamai, Cloudflare, CISSP, GIAC, PCNSE, or Zscaler.

Benefits & conditions

Worldpay is dedicated to offering individuals rewarding career opportunities and competitive compensation. For this full-time position, the good faith estimated annual salary range upon hire is $127,500.00-$192,525.00. This range reflects what we reasonably expect to offer based on the role's responsibilities, level, and geographic location. The actual starting salary will be determined by a candidate's experience, job-related skills, and relevant education or training. Please note that changes in work location may impact the final offered salary. We encourage you to consult with your recruiter to confirm the budget for your location and to better understand the applicable pay scale. Candidates and applicants are advised they may redact age information from requested items like transcripts, resumes, and certificates attached to their application for positions that can be performed in Colorado.

About the company

Globalpayers think like a client, act like an owner and win as one team. We're curious and innovative - always finding better ways to deliver impact. We empower each other to make decisions, and it's our passion that drives excellence in everything we set out to do.

Apply for this position