Security Engineer - Cloud & Web Protection
Role details
Job location
Tech stack
Job description
This is a high-impact role for an engineer who thrives at the intersection of network architecture and application-layer defense. You will not only manage the security platforms but also drive automation and DevSecOps integration, ensuring that as our application architecture evolves, our security posture scales with it. If you are passionate about protecting critical services from sophisticated automated threats, we want to hear from you., Application & Edge Security Edge Protection: Lead the administration of enterprise WAF and CDN platforms. Deploy and tune security policies to defend against OWASP Top 10, API abuse, credential stuffing, and advanced bot threats. API Security: Architect and manage security controls for API endpoints, including rate limiting, schema validation, and traffic anomaly detection. Incident Response: Provide high-level support for web application security incidents. Conduct deep-dive analysis on false positives and tune detection logic to minimize disruption to production traffic.
Network & Cloud Perimeter Infrastructure Security: Administer and support Next-Generation Firewall (NGFW) environments, secure remote access/ZTNA solutions, and complex network routing policies. Network Segmentation: Design and implement robust segmentation and SSL decryption strategies to maintain visibility into encrypted traffic without compromising performance. Operations & On-Call: Participate in an on-call rotation to provide rapid response for production-critical network or application security incidents.
Automation & DevSecOps Security as Code: Develop automation scripts using Python and REST APIs to streamline security workflows. Manage security infrastructure using Terraform and integrate security checks into CI/CD pipelines. Dashboards & Reporting: Build real-time dashboards to provide leadership with visibility into our security posture, threat trends, and remediation metrics.
Requirements
Experience Baseline: 5+ years of combined experience in web application and network security. Technical Mastery: Hands-on experience with enterprise-grade WAF/DDoS mitigation platforms and Next-Generation Firewalls (NGFW). Automation: Demonstrated ability to build security automation with Terraform, Python, and Git. AppSec Core: Strong understanding of authentication attacks, SQLi, XSS, and API-specific vulnerabilities.
Preferred Attributes Experience securing Kubernetes and containerized environments. Experience within a DevSecOps/CI/CD culture, including integrating automated security scanning into development workflows. Industry certifications (e.g., CISSP, GIAC, or vendor-specific security architecture certifications). A "threat-hunting" mindset-the ability to identify patterns in traffic that suggest malicious intent rather than just reacting to alerts.