Platform Engineer

Job Title: Platform Engineer – Defensive Security

Role Overview

hands-on Platform Engineer

You will collaborate across Information Security, Platform Engineering, and Digital Experience teams to design and implement security solutions that protect our most critical digital assets against evolving threats.

Key Responsibilities

• Design, configure, and manage

  WAFs and IDS/IPS systems to detect, block, and mitigate real-time threats.
• Implement

  API security controls

  , including endpoint discovery, schema validation, anomaly detection, and bot management.
• Develop defenses against

  account takeover (ATO), credential stuffing, and automated abuse

  through behavioral analysis and rate-limiting strategies.
• Tune and optimize rules on edge security platforms (Akamai, Cloudflare, etc.) for maximum effectiveness.
• Conduct

  threat modeling

  and support incident response to strengthen detection and prevention capabilities.
• Integrate security into

  CI/CD pipelines

  and enforce secure deployment practices.
• Automate monitoring, logging, and alerting to improve visibility across web and API services.
• Maintain up-to-date documentation of configurations, runbooks, and playbooks.

Required Skills & Experience

• 7+ years

  in Security Engineering / SecOps with a focus on

  Defensive Security

  .
• Proven hands-on expertise in:

• Web Application Firewalls (WAFs)

  – configuration, rule tuning, policy enforcement.

• Intrusion Detection / Prevention Systems (IDS/IPS)

  – deployment and management.

• API security and bot detection

  – securing APIs, preventing abuse, managing traffic.
• Deep understanding of

  application-layer attack patterns

  : XSS, SQLi, CSRF, DDoS, brute force, etc.
• Strong technical grasp of

  HTTP/S, TLS, DNS, CDN, reverse proxy, and edge defense technologies

  .
• Scripting skills (Python/Bash) for automation and experience with

  IaC (Terraform)

  .
• Familiarity with SIEM/logging solutions and production support workflows.

Preferred / Nice-to-Have

• Vendor experience with:

• Akamai Security Suite

  (Kona WAF, Bot Manager, Account/Content Protector).

• Cloudflare Enterprise Security

  (WAF, Bot Management, API Gateway).
• Knowledge of

  DDoS protection, geo/IP access control, and advanced content scraping defenses

  .
• Relevant security certifications (

  OSCP, GIAC, CISSP, CEH

  ) or equivalent practical expertise.

Soft Skills

• Strong communicator with ability to influence both engineering and non-technical stakeholders.
• Comfortable working in multicultural, global environments.
• Process improvement mindset and agile-ready approach.
• Self-starter with a

  secure-by-default mindset

  .