**MUST HAVE AKAMAI ON THEIR RESUME TO BE QUALIFIED FOR MANAGER REVIEW**
Akamai experience is an absolute must-have, as this will be the primary tool the contractor uses. Cloudflare is a secondary tool, and experience with it is a must-have as well.
Absolutely must have 3-6 years of experience; this will not be considered an entry-level position.
About the Role
We are seeking a Security Engineer (WAF SME) to join a dynamic security operations function. In this role, you will lead day-to-day operations, tuning, and incident response for our Web Application Firewall (WAF) and broader Web Application & API Protection (WAAP) stack: Akamai (primary) and Cloudflare (secondary).
You will maintain platform stability, drive false-positive reduction, improve protection efficacy against evolving threats, and ensure changes move safely through our standard change processes. You will collaborate closely with SOC/IR, App/Dev, SRE, and Network teams and participate in an on-call rotation for major incidents.
What You Will Be Doing
Operational Support & Incident Handling
Monitor and action WAF/edge security ticket queues; resolve incidents and service requests with clear, timely communication.
Triage and respond to Layer 7 events (e.g., bot abuse, credential stuffing, API abuse, SQLi/RCE attempts, L7 DDoS), escalating as needed.
Provide on-call support for Sev 1/Sev 2 incidents; collaborate with SOC/IR, SRE, and application owners on containment and recovery.
Platform Administration & Tuning
Onboard, configure, tune, and optimize Akamai and Cloudflare WAF policies (managed & custom rules, rate limiting, geo/IP/ASN controls, mTLS, headers).
Manage bot management controls (scoring, allowlists, challenges/JS, behavioral features where available).
Implement policies for OWASP Top 10, API/WAAP protections, and business logic abuse mitigation.
Balance security vs. latency/caching; measure impacts and roll out changes safely.
Change, Hygiene & Governance
Execute changes via standard change control (peer review, testing, staged rollout, rollback plans).
Maintain certificate management, safe DNS/edge updates, and favor policy-as-code approaches where possible.
Provide platform health/status reporting with recommendations to reduce incident volume and downtime.
Monitoring, Telemetry & Reporting
Integrate WAF/edge telemetry with SIEM; maintain dashboards for threat trends, false positive rates, coverage, and hygiene.
Create actionable alerts and runbooks/SOPs to accelerate response and reduce recurrence.
Collaboration & Enablement
Partner with SOC/IR to enhance playbooks and with Dev/App teams to align policies with application behavior.
Contribute to internal knowledge base and continuous improvement of control efficacy and resiliency.
Track emerging threats and vendor updates; recommend timely configuration changes and control enhancements.