Key skills
PythonGoAWSAzureGCPNGINXGitiOSAndroidCDNAkamaiCloudflareFastlyCI/CDCustomer SuccessSalesOWASPNetwork SecurityWAF
About this role
Appdome is a global leader in application security, dedicated to protecting APIs and digital experiences for modern organizations. The Solutions Application Engineer will own the technical success of API protection and bot defense deployments across North America, collaborating closely with Sales, Product, and Customer Success teams while maintaining hands-on involvement.
Responsibilities:
- Lead technical planning, implementation, documentation, and testing of API protection and bot defense solutions across customer environments
- Own and maintain integration environments across major cloud, CDN/WAF, and edge platforms (e.g., AWS, Azure, GCP; Cloudflare/Fastly/Akamai; F5/NGINX/Imperva, etc.)
- Build and maintain reference integrations (edge scripts/policies, gateways, middleware, SDK integration patterns, sample apps) and keep them production-grade
- Run architecture reviews with customers and prospects; assess current posture and propose target-state designs aligned to best practices
- Create and refine threat models for automation abuse and API attack surfaces (credential stuffing, scraping, ATO, token replay, bypass paths, device/session impersonation)
- Define security requirements by evaluating business needs, data flows, and constraints; translate requirements into implementation plans and success criteria
- Execute POCs and production onboarding: test plans, attack simulation, telemetry validation, tuning, and go-live readiness
- Produce crisp technical artifacts: runbooks, diagrams, configuration guides, rollout strategies, and troubleshooting playbooks
- Provide ongoing technical account coverage: escalations, root-cause analysis, proactive hardening recommendations, and roadmap feedback from the field
- Stay current on emerging threats, standards, and patterns in API security and bot/fraud prevention, and share learnings internally
Requirements:
- Extensive experience in API security and modern abuse patterns (OWASP API Top 10 familiarity; auth/session weaknesses; rate limiting; anomaly detection; bot mitigation strategies)
- Experience in bot defense / fraud / automation concepts: ATO, credential stuffing, scraping, session integrity, device signals, behavioral/telemetry-driven enforcement
- Security architecture design for distributed systems spanning edge, gateway, and backend services
- Cloud and network security in environments such as AWS / Azure / GCP; strong fundamentals in TLS, HTTP, proxies, headers/cookies, certificates, DNS
- WAF/CDN/edge integration patterns (policies, rules, worker scripts, reverse proxy deployments)
- Orchestration and automation: CI/CD, test harnesses, traffic replay/simulation, environment-as-code
- Scripting and tooling (Python/Node/Go—at least one strong), Git workflows, debugging in live environments
- Ability to communicate clearly with both engineers and executives and to operate effectively in a customer-facing role
- Experience with edge compute (Cloudflare Workers, Fastly Compute, Akamai EdgeWorkers) and/or NGINX/F5 advanced configurations
- Familiarity with mobile networking/security (iOS/Android stacks, certificate pinning, device identity/attestation signals) and how mobile signals inform backend enforcement
- Security certifications (GIAC, CompTIA, ISACA, (ISC)²) or equivalent demonstrated expertise
- Bachelor's degree in Cyber Security, Computer Science, or a related field (or equivalent experience)