Network Security Specialist Senior (WAF)

This position is not eligible for visa sponsorship, now or in the future. Candidates must be a US Citizen or Green Card Holder

This position is hybrid 3 days per week in either our Cincinnati, OH, or Atlanta, GA. 2 days per week if within our Denver, CO office.

Ready to take your career global?

Make your mark at one of the biggest names in payments. We’re looking for a Network Security Engineer Specialist to join our ever-evolving Edge&Network Security team and help us unleash the potential of every business.

This role is to strengthen and evolve our web application firewall, edge security, and application protection platforms across a global enterprise environment. This is a hands-on technical leadership role focused primarily on WAF, edge security, application-layer controls, bot mitigation, API protection, and traffic inspection. 

Our core platforms include Akamai and Cloudflare technologies, including WAF policies, managed and custom rules, bot protection, rate limiting, API security, DDoS-adjacent controls, security analytics, and edge traffic protection.

This role supports business-critical applications and services across a global environment. You will lead engineering and delivery efforts, improve service reliability, reduce false positives, mentor other engineers, and act as a technical escalation point during high-severity incidents involving WAF, edge security, application access, or related network security services. 

This is an engineering-first role, with approximately 80% of time focused on design, implementation, tuning, and operational improvement, and approximately 20% supporting incident mitigation and high-severity response. 

On-Call Expectations: Participate in a rotating on-call schedule for incidents. Act as a senior escalation point for major issues affecting WAF, edge security, application protection, or related network security services. Contribute to post-incident analysis and ensure durable corrective actions are implemented. Participate in readiness activities, operational reviews, and resilience improvements for critical edge and application security services. 

On-Call Schedule:

Weekdays: 10 am – 10 pm ET (rotates between 4 colleagues)

Weekends: 10 pm Friday – 10 pm Sunday ET ( rotates between 7 colleagues)

What you’ll own

• Lead engineering and continuous improvement for WAF and edge security platforms, with primary focus on application protection, bot mitigation, API protection, and related controls across a global enterprise environment.

• Administer, harden, and optimize Akamai and Cloudflare platforms, including WAF policies, managed rules, custom rules, rate limiting, bot controls, API security, and security analytics.

• Design, maintain, and tune scalable WAF security policies for internet-facing applications, including traffic inspection, threat protection, allow/block logic, exception handling, and false-positive reduction.

• Drive reliable and secure platform changes through safe rollout planning, validation, rollback readiness, post-change review, and operational standardization.

• Serve as a technical lead and escalation point for complex WAF issues, high-risk changes, application access problems, and high-severity incidents.

• Partner with internal teams and vendors to improve service reliability and visibility, including SOC/IR, Application Security, Network Operations, infrastructure, application teams, and vendors; improve logging, telemetry, SIEM integration, runbooks, metrics, and durable vendor resolutions.

What you’ll bring

• Bachelor’s degree in a related field and 12+ years of experience, or equivalent practical experience.

• Experience in network security, application security, edge security, or security engineering roles within enterprise environments.

• Strong hands-on experience with WAF technologies, especially Akamai and Cloudflare, including managed rules, custom rules, bot protection, rate limiting, API protection, and security analytics.

• Experience with WAF policy design and operations, including application onboarding, traffic inspection, rule tuning, exception handling, troubleshooting, and false-positive reduction.

• Strong networking and security fundamentals, including TCP/IP, TLS, DNS, HTTP/S, certificates, routing, NAT, CDN/reverse proxy concepts, and zero trust.

• Experience supporting large-scale global environments, serving as a senior escalation point during major incidents, mentoring engineers, reviewing work, and communicating effectively across teams.

It’s a bonus if you have

• Experience with Terraform, Python, CI/CD, APIs, or automation for security platforms.

• Familiarity with SWG, Proxy, SASE, Secure Access, Zscaler, Prisma Access, or Palo Alto technologies.

• Experience with F5 Distributed Cloud (XC) DDoS protection, CDN traffic management, or hybrid edge architectures.

• Exposure to regulated environments or relevant certifications such as Akamai, Cloudflare, CISSP, GIAC, PCNSE, or Zscaler.

About the team

Our inclusive and global teams win together every day. We’re proud to have the best minds in the industry, who you can learn from as you grow your career. The people, the energy, the connections – it’s unmatched. Come and be part of an ever-evolving company and get dynamic opportunities that go beyond borders.