Network Security Engineer (WAF)
We are looking for a Network Security Engineer with hands-on experience in deploying and managing cloud-based DDoS protection and Web Application Firewall (WAF) solutions. The ideal candidate will have deep technical knowledge of platforms like Cloudflare, Akamai, or equivalent, and experience building custom rulesets for application-layer protection and traffic shaping. This role involves both strategic consulting and hands-on implementation in enterprise environments, with a strong emphasis on secure traffic delivery, performance optimization, and incident mitigation.
Key Responsibilities:
Design, deploy, and manage cloud-based security platforms, including WAF, DDoS mitigation, bot protection, and CDN configuration (Cloudflare, Akamai, etc.).
Build and manage custom rules (e.g., page rules, rate limits, transform rules, iRules) to enforce security policies and traffic optimization.
Work closely with application, DevOps, and infrastructure teams to ensure secure and resilient traffic flow to internet-facing assets.
Optimize configurations for latency, performance, and availability, including global traffic routing, failover, and load balancing.
Support incident response efforts involving DDoS events or WAF bypass attempts.
Document configurations and provide operational runbooks for client handoffs or internal support teams.
Conduct WAF and edge security assessments to identify improvements or misconfigurations.
Assist in migration from or integration with on-premises platforms such as F5, including custom logic translation to cloud WAF equivalents.
Stay up to date on evolving threat actor behaviors, industry DDoS tactics, and mitigation techniques.
Required Qualifications:
2–4 years of experience managing cloud WAF/DDoS platforms in enterprise environments.
Deep familiarity with Cloudflare and/or Akamai edge protection services.
Experience building custom page rules, rate limiting policies, or traffic filtering logic.
Strong knowledge of core networking concepts (TCP/IP, DNS, HTTP/S, load balancing, NAT, routing).
Hands-on experience with on-premises application delivery controllers such as F5 BIG-IP, especially working with iRules, SSL offloading, and WAF modules.
Strong troubleshooting skills across application-layer traffic and network-layer protection.
Experience working in consulting, MSP, or client-facing roles is a strong plus.
Preferred Qualifications:
Familiarity with cloud platforms (AWS/GCP/Azure) and edge integration patterns (e.g., using Cloudflare with AWS ALB).
Experience with automating WAF/DNS/DDoS configurations via API or Terraform.
Certifications related to Cloudflare, Akamai, F5, or network security (e.g., F5 CTS, Cloudflare Zero Trust certs).
Experience with API security protections, client fingerprinting, and bot mitigation strategies.
Network Security Engineer (WAF)
We are looking for a Network Security Engineer with hands-on experience in deploying and managing cloud-based DDoS protection and Web Application Firewall (WAF) solutions. The ideal candidate will have deep technical knowledge of platforms like Cloudflare, Akamai, or equivalent, and experience building custom rulesets for application-layer protection and traffic shaping. This role involves both strategic consulting and hands-on implementation in enterprise environments, with a strong emphasis on secure traffic delivery, performance optimization, and incident mitigation.
Key Responsibilities:
Design, deploy, and manage cloud-based security platforms, including WAF, DDoS mitigation, bot protection, and CDN configuration (Cloudflare, Akamai, etc.).
Build and manage custom rules (e.g., page rules, rate limits, transform rules, iRules) to enforce security policies and traffic optimization.
Work closely with application, DevOps, and infrastructure teams to ensure secure and resilient traffic flow to internet-facing assets.
Optimize configurations for latency, performance, and availability, including global traffic routing, failover, and load balancing.
Support incident response efforts involving DDoS events or WAF bypass attempts.
Document configurations and provide operational runbooks for client handoffs or internal support teams.
Conduct WAF and edge security assessments to identify improvements or misconfigurations.
Assist in migration from or integration with on-premises platforms such as F5, including custom logic translation to cloud WAF equivalents.
Stay up to date on evolving threat actor behaviors, industry DDoS tactics, and mitigation techniques.
Required Qualifications:
2–4 years of experience managing cloud WAF/DDoS platforms in enterprise environments.
Deep familiarity with Cloudflare and/or Akamai edge protection services.
Experience building custom page rules, rate limiting policies, or traffic filtering logic.
Strong knowledge of core networking concepts (TCP/IP, DNS, HTTP/S, load balancing, NAT, routing).
Hands-on experience with on-premises application delivery controllers such as F5 BIG-IP, especially working with iRules, SSL offloading, and WAF modules.
Strong troubleshooting skills across application-layer traffic and network-layer protection.
Experience working in consulting, MSP, or client-facing roles is a strong plus.
Preferred Qualifications:
Familiarity with cloud platforms (AWS/GCP/Azure) and edge integration patterns (e.g., using Cloudflare with AWS ALB).
Experience with automating WAF/DNS/DDoS configurations via API or Terraform.
Certifications related to Cloudflare, Akamai, F5, or network security (e.g., F5 CTS, Cloudflare Zero Trust certs).
Experience with API security protections, client fingerprinting, and bot mitigation strategies.