Senior DDoS & Web Application Security Engineer

We are seeking a highly skilled DDoS Protection & Web Application Security Specialist to design, implement, and operate advanced protection mechanisms against volumetric, protocol, and application-layer attacks. The role focuses on safeguarding critical digital assets using industry-leading DDoS mitigation and Web Application Firewall (WAF) technologies across on-premises and cloud environments.

The ideal candidate will have hands-on expertise with F5 Advanced WAF, Cloudflare, Akamai Kona Site Defender, and Radware DefensePro, and will work closely with SOC, Threat Intelligence, and Network teams to ensure a strong, layered security posture.

Key Responsibilities:

• Design, deploy, and manage DDoS protection strategies across on-premises and cloud-based infrastructures.
• Monitor real-time DDoS attacks, analyze traffic anomalies, and implement mitigation rules to ensure service availability.
• Configure, tune, and optimize Web Application Firewall (WAF) policies for web portals, APIs, and subdomains.
• Implement bot management and behavioral analysis to prevent credential stuffing, scraping, and automated abuse.
• Respond to application-layer and volumetric attacks, ensuring minimal impact on business services.
• Collaborate closely with SOC, Threat Intelligence, and Network Security teams to enhance coordinated defense mechanisms.
• Conduct continuous tuning of security policies to reduce false positives and improve detection accuracy.
• Prepare and deliver monthly operational reports covering DDoS incidents, WAF effectiveness, and bot mitigation metrics.
• Support incident response activities and contribute to post-incident analysis and improvement plans.

Required Skills & Experience:

• 5+ years of experience in DDoS protection, web application security, or network security roles.
• Hands-on operational experience with one or more of the following platforms:
  • F5 Advanced WAF
  • Cloudflare
  • Akamai Kona Site Defender
  • Radware DefensePro
• Strong understanding of:
  • DDoS attack types (volumetric, protocol, application-layer)
  • Web application security threats (OWASP Top 10)
  • HTTP/HTTPS, DNS, TCP/IP, and API security
• Experience securing APIs, web portals, and cloud-hosted applications.
• Familiarity with bot mitigation techniques and behavioral analysis.
• Ability to work effectively in high-pressure, incident-driven environments.

Preferred Qualifications:

• Experience working in banking, financial services, or large enterprise environments.
• Exposure to SOC operations and security incident response processes.
• Relevant security certifications (e.g., F5, Cloudflare, Akamai, CISSP, CEH) are a plus.