Signet JewelersRemote
Web App Firewall Security Engineer (Remote)
United States
Full-time
1 week ago
$106,000 - $160,000 USD
H1B Sponsor Likely
Key skills
Akamai security productsWeb Application FirewallsOWASP Top 10HTTPHTTPSTLSCloud-based environmentsSecurity log analysisProduction change managementPythonBashREST APIsTroubleshooting skillsAnalytical skillsProblem-solving skillsAWSCDNAkamaiCI/CDChange ManagementOWASPWAFFirewall
About this role
Signet Jewelers is the world's largest retailer of diamond jewelry, operating over 2,800 stores worldwide. They are seeking a Web App Firewall Security Engineer responsible for enterprise Web Application Firewall and edge security operations to protect high-traffic ecommerce applications and APIs.
Responsibilities:
- Serve as subject matter expert for enterprise WAF platforms, with primary ownership of Akamai and operational support for Imperva and AWS WAF
- Design, deploy, configure, and manage WAF policies protecting web applications and APIs
- Tune and optimize security rules to balance threat prevention, performance, and revenue protection
- Configure and maintain Akamai security capabilities including Bot Manager, Rate Control, Client Reputation, API Security, and related protections
- Monitor and analyze security events, attack traffic, bot activity, and abuse patterns including OWASP Top 10 threats and DDoS attempts
- Perform ongoing rule reviews, policy optimization, and false positive reduction
- Support production change management processes and ensure stability when implementing WAF updates
- Participate in incident response activities related to web-layer and edge-based threats
- Develop and report on WAF effectiveness metrics including block accuracy, false positive rate, and attack trends
- Maintain documentation of configurations, procedures, and operational standards
- Partner with Application Security Team to validate exploitability of identified vulnerabilities
- Support secure deployment practices and CI/CD security integrations
- Assist development teams in understanding web-layer threats and mitigation strategies
- Develop lightweight automation scripts to improve monitoring, validation, and reporting processes
- Stay current with emerging web threats and platform updates
Requirements:
- Bachelor's Degree in computer science, Management Information Systems, or equivalent experience
- 3–5+ years of hands-on experience operating and tuning Web Application Firewalls in enterprise or high-traffic environments
- Strong hands-on experience with Akamai security products required
- Strong understanding of web application security concepts and OWASP Top 10
- Knowledge of HTTP, HTTPS, TLS, DNS, CDN architectures, and cloud-based environments
- Experience analyzing security logs, traffic patterns, and attack behavior
- Demonstrated ability to tune WAF policies and reduce false positives without disrupting production traffic
- Experience supporting structured production change management processes
- Basic scripting or automation experience such as Python, Bash, or REST APIs
- Strong troubleshooting, analytical, and problem-solving skills
- Experience with Imperva and/or AWS WAF
- Experience supporting high-volume ecommerce or retail environments
- Familiarity with PCI security requirements
- Experience working with distributed development and DevOps teams