Kavalio is seeking a Security Engineer (WAF SME) to join their dynamic security operations function. The role involves leading day-to-day operations for the Web Application Firewall (WAF) and ensuring platform stability while collaborating with various teams for incident response and security enhancements.
Responsibilities:
- Monitor and action WAF/edge security ticket queues; resolve incidents and service requests with clear, timely communication
- Triage and respond to Layer 7 events (e.g., bot abuse, credential stuffing, API abuse, SQLi/RCE attempts, L7 DDoS), escalating as needed
- Provide on-call support for Sev 1/Sev 2 incidents; collaborate with SOC/IR, SRE, and application owners on containment and recovery
- Onboard, configure, tune, and optimize Akamai and Cloudflare WAF policies (managed & custom rules, rate limiting, geo/IP/ASN controls, mTLS, headers)
- Manage bot management controls (scoring, allowlists, challenges/JS, behavioral features where available)
- Implement policies for OWASP Top 10, API/WAAP protections, and business logic abuse mitigation
- Balance security vs. latency/caching; measure impacts and roll out changes safely
- Execute changes via standard change control (peer review, testing, staged rollout, rollback plans)
- Maintain certificate management, safe DNS/edge updates, and favor policy-as-code approaches where possible
- Provide platform health/status reporting with recommendations to reduce incident volume and downtime
- Integrate WAF/edge telemetry with SIEM; maintain dashboards for threat trends, false positive rates, coverage, and hygiene
- Create actionable alerts and runbooks/SOPs to accelerate response and reduce recurrence
- Partner with SOC/IR to enhance playbooks, and with Dev/App teams to align policies with application behavior
- Contribute to internal knowledge base and continuous improvement of control efficacy and resiliency
- Track emerging threats and vendor updates; recommend timely configuration changes and control enhancements
Requirements:
- Bachelor's degree in Computer Engineering (or related field) or equivalent practical experience
- 3–6+ years of hands-on experience operating in the Network Security space in any enterprise environment
- Must have at least 2 years of hands-on experience with Akamai
- Demonstrated expertise in policy tuning and incident response for web and API protections (blocking vs. challenge strategies, exception handling, FP reduction)
- Solid grasp of HTTP/S, TLS/PKI, DNS, CDN caching/edge routing, and performance tradeoffs
- Experience integrating WAF logs into SIEM and building actionable dashboards/alerts
- Scripting/automation exposure (Terraform, bash, Python, Ansible or PowerShell), comfort with JSON/YAML and regex; API/CLI experience beneficial
- Strong analytical troubleshooting, communication, and cross-team collaboration skills
- Willingness to participate in rotational on-call
- Certifications: Akamai ACA/ACP, Cloudflare, CISSP, Security+, GIAC (GWAPT/GWEB/GCIH), PCI ISA, AZ-104/AZ-700, AWS SAA/SOAA
- Familiarity with any of the following: Cloudflare, Fastly, Imperva, F5 ASM/Advanced WAF, Azure Front Door, AWS CloudFront + WAF
- Vendor/platform depth: F5 iRules, Fastly VCL behaviors, or vendor policy DSLs
- Broader security stack familiarity (e.g., DDoS scrubbing, SIEM/SOAR, CASB/CSPM, vuln management)
- DevSecOps experience including CI/CD integration for edge policy promotion/testing
- Payments/financial services experience; working knowledge of PCI DSS, NIST CSF, ISO 27001