Cloud Security Engineer (WAAP / CDN / IaC)

Job Description

We are seeking a highly skilled and motivated Cloud Security Engineer with hands-on experience in WAAP (Web Application & API Protection) solutions such as Cloudflare or Akamai. The ideal candidate will have a deep understanding of web and API security, IaC automation, and CDN-based DDoS protection strategies. This role demands strong collaboration skills to work cross-functionally with development, networking, and security teams. --- Key Responsibilities: 1. Cloudflare / Akamai Security Management: Configure and manage WAAP policies, WAF rules, bot protection, and rate limiting features. Monitor and respond to security events, DDoS alerts, and bot traffic anomalies. Optimize security posture while minimizing performance impact. 2. Web Application & API Security: Apply security best practices based on OWASP Top 10 and OWASP API Security Top 10. Conduct threat modeling and security reviews for web and API endpoints. Assist in secure design and testing during application development lifecycle. 3. Infrastructure as Code (IaC): Implement and manage Terraform modules for deploying and enforcing security configurations. Automate WAAP/WAF provisioning and policy management as code. Integrate security checks into CI/CD pipelines. 4. Network & CDN Security: Design and manage DNS, CDN configurations, and origin protection strategies. Respond to Layer 3/4 DDoS attacks using mitigation controls and rate limits. Collaborate on resilient edge security architectures. 5. Cross-Functional Collaboration & Troubleshooting: Work closely with developers, DevOps, network, and security teams to support application and infrastructure migrations. Troubleshoot WAAP policy conflicts, latency issues, and misconfigured firewall rules. Communicate security risks and mitigation strategies to stakeholders clearly and effectively. --- Qualifications : 5+ years of experience with Cloudflare, Akamai, or similar WAAP platforms. Strong grasp of web protocols (HTTP/S, TLS), DNS, and CDN architectures. Proficiency with Terraform and GitOps practices. Familiarity with CI/CD workflows and DevSecOps practices. Excellent analytical and communication skills. Show more Show less