IT Lead, WAF Engineering & Operations

We are seeking an experienced and highly motivated IT Lead for WAF Engineering & Operations to join our IT Security Operations team. In this role, you will report to the IT Manager of Network Security Operations. You will be responsible for leading the design, implementation, maintenance, and optimization of our Web Application Firewall (WAF) infrastructure. You will work closely with development, operations, and enterprise security teams to ensure the protection of our web applications from evolving cyber threats. By joining our team, you will have the opportunity to work with cutting-edge technologies, contribute to the security of our critical web applications, and grow your skills in a fast-paced and collaborative environment. If you are passionate about web application security and thrive in a leadership role, we encourage you to apply.

As IT Lead, WAF Engineering & Operations , your duties and responsibilities will include:

• Lead the engineering, maintenance, and tuning of WAF solutions to protect web applications from OWASP Top 10 vulnerabilities, zero-day exploits, and other threats
• Collaborate with development teams to implement security controls and integrate WAF with CI/CD pipelines using DevOps automation tools like GitHub, Azure DevOps, or GCP
• Design and implement load balancing and edge security solutions to ensure high availability and performance of web applications
• Assist in managing internal and external PKI infrastructure, including certificate lifecycle management, troubleshooting, and automation
• Assist in managing internal and external DNS infrastructure, ensuring proper configuration, security, and troubleshooting
• Develop and maintain DDoS protection strategies, including detection, mitigation, and reporting
• Manage relationships with Managed Service Providers (MSPs) and third-party vendors to ensure SLAs are met and security posture is maintained
• Stay current with industry best practices and frameworks such as OWASP, MITRE ATT&CK, SANS Top 20, NIST, and CIS Controls
• Collaborate with application teams to secure APIs and integrate WAF with API Gateways
• Develop and implement security strategies for cloud networks, including segmentation, access control, and monitoring

Requirements

WHAT IT TAKES TO CATCH OUR EYE:

• Bachelor’s degree in computer science, cybersecurity, or related field (or equivalent experience)
• 7+ years of experience in information security, with 5+ years focused on WAF and edge security
• Deep understanding of modern web architectures, frameworks, and vulnerabilities
• Hands-on experience configuring and optimizing enterprise WAF solutions (F5, Imperva, Cloudflare, AWS WAF, etc)
• Strong experience with DevOps practices and tools (GitHub, Azure DevOps, Terraform, Ansible, etc)
• Knowledge of PKI, DNS, and DDoS protection technologies and best practices
• Familiarity with cloud security controls and architectures (AWS, Azure, GCP)
• Excellent communication and leadership skills, with the ability to collaborate across teams

BONUS POINTS FOR:

• Relevant certifications preferred (CISSP, CSSLP, GWAPT, CCSP, etc.)

#LI-SS1