Application Security Engineer/Lead

Looking for an Application Security Engineer for a Long-term , W2 ,Hybrid roles in Charlotte, NC, Chandler, AZ or Dallas- Irving, TX- hybrid onsite, 3 days in office/2 days Remote.

Required Qualifications

• 5+ years of professional experience in Web Application Firewall / Layer 7 security.

• Deep hands-on experience with WAF (Web Application Firewalls) configuration, tuning, and monitoring or WAF s from vendors such as Imperva, ASM, Cloudflare, Akamai, F5 Advanced, FortiWeb, Barracuda.

• Demonstrated knowledge of application layer (L7) DDoS attacks; network (L3) DDoS is not required.
• Strong understanding of DNS, A/CNAME records
• Strong understanding of global load balancing (directing traffic between data centers) and local load balancing (server-level distribution).
• Experience with bot management and API security
• Must have experience with web attacks (how to protect) and rate limiting policies.
• Strong analytical and problem-solving skills, with the ability to resolve web attacks and protect applications.
• Excellent communication skills and ability to partner effectively with business and technical teams.
• Self-starter, adaptable, and able to thrive in a fast-changing environment.

Preferred Qualifications

• Experience with local load balancing and high-level network firewall concepts.
• Relevant certifications (e.g., Certified Information Systems Security Professional (CISSP), GIAC Web Application Security (GWEB), or vendor-specific WAF certifications) are a plus.