Web App Firewall Security Engineer (Remote)
About the position
Signet Jewelers is the world's largest retailer of diamond jewelry, operating more than 2,800 stores worldwide under the iconic brands: Kay Jewelers, Zales, Jared, H.Samuel, Ernest Jones, Peoples, Banter by Piercing Pagoda, Rocksbox, JamesAllen.com and Diamonds Direct. We are a people-first company and this core value is at the heart of everything we do, from empowering our valued team members, to collaborating with our customers, to fostering the communities in which we live and serve. People – and the love their actions inspire – are what drive us. We’re not only proud of the love we inspire outside our walls, we’re especially proud of the diversity, inclusion and equity we’re inspiring inside. There are dynamic career paths awaiting you – rewarding opportunities to impact the lives of others and inspire love. Join us! Web App Firewall Security Engineer IT IV Location: Remote POSITION SUMMARY: The WAF Security Engineer is responsible for enterprise Web Application Firewall and edge security operations protecting high-traffic ecommerce applications and APIs. This role provides hands-on ownership of Akamai security platforms and supports additional WAF technologies. This position requires strong operational discipline, deep understanding of web application threats, and the ability to balance security enforcement with availability and customer experience in production environments.
Responsibilities
• Serve as subject matter expert for enterprise WAF platforms, with primary ownership of Akamai and operational support for Imperva and AWS WAF
• Design, deploy, configure, and manage WAF policies protecting web applications and APIs
• Tune and optimize security rules to balance threat prevention, performance, and revenue protection
• Configure and maintain Akamai security capabilities including Bot Manager, Rate Control, Client Reputation, API Security, and related protections
• Monitor and analyze security events, attack traffic, bot activity, and abuse patterns including OWASP Top 10 threats and DDoS attempts
• Perform ongoing rule reviews, policy optimization, and false positive reduction
• Support production change management processes and ensure stability when implementing WAF updates
• Participate in incident response activities related to web-layer and edge-based threats
• Develop and report on WAF effectiveness metrics including block accuracy, false positive rate, and attack trends
• Maintain documentation of configurations, procedures, and operational standards
• Partner with Application Security Team to validate exploitability of identified vulnerabilities
• Support secure deployment practices and CI/CD security integrations
• Assist development teams in understanding web-layer threats and mitigation strategies
• Develop lightweight automation scripts to improve monitoring, validation, and reporting processes
• Stay current with emerging web threats and platform updates
Requirements
• Bachelor’s Degree in computer science, Management Information Systems, or equivalent experience.
• 3–5+ years of hands-on experience operating and tuning Web Application Firewalls in enterprise or high-traffic environments
• Strong hands-on experience with Akamai security products required
• Strong understanding of web application security concepts and OWASP Top 10
• Knowledge of HTTP, HTTPS, TLS, DNS, CDN architectures, and cloud-based environments
• Experience analyzing security logs, traffic patterns, and attack behavior
• Demonstrated ability to tune WAF policies and reduce false positives without disrupting production traffic
• Experience supporting structured production change management processes
• Basic scripting or automation experience such as Python, Bash, or REST APIs
• Strong troubleshooting, analytical, and problem-solving skills
Nice-to-haves
• Experience with Imperva and/or AWS WAF
• Experience supporting high-volume ecommerce or retail environments
• Familiarity with PCI security requirements
• Experience working with distributed development and DevOps teams
Benefits
• Competitive healthcare, dental & vision insurance
• 401(k) matching after one year of employment
• Generous time off + company holidays
• Merchandise discount
• Learning & Development programs
• Much more!
Apply tot his job
Apply To this Job
Signet Jewelers is the world's largest retailer of diamond jewelry, operating more than 2,800 stores worldwide under the iconic brands: Kay Jewelers, Zales, Jared, H.Samuel, Ernest Jones, Peoples, Banter by Piercing Pagoda, Rocksbox, JamesAllen.com and Diamonds Direct. We are a people-first company and this core value is at the heart of everything we do, from empowering our valued team members, to collaborating with our customers, to fostering the communities in which we live and serve. People – and the love their actions inspire – are what drive us. We’re not only proud of the love we inspire outside our walls, we’re especially proud of the diversity, inclusion and equity we’re inspiring inside. There are dynamic career paths awaiting you – rewarding opportunities to impact the lives of others and inspire love. Join us! Web App Firewall Security Engineer IT IV Location: Remote POSITION SUMMARY: The WAF Security Engineer is responsible for enterprise Web Application Firewall and edge security operations protecting high-traffic ecommerce applications and APIs. This role provides hands-on ownership of Akamai security platforms and supports additional WAF technologies. This position requires strong operational discipline, deep understanding of web application threats, and the ability to balance security enforcement with availability and customer experience in production environments.
Responsibilities
• Serve as subject matter expert for enterprise WAF platforms, with primary ownership of Akamai and operational support for Imperva and AWS WAF
• Design, deploy, configure, and manage WAF policies protecting web applications and APIs
• Tune and optimize security rules to balance threat prevention, performance, and revenue protection
• Configure and maintain Akamai security capabilities including Bot Manager, Rate Control, Client Reputation, API Security, and related protections
• Monitor and analyze security events, attack traffic, bot activity, and abuse patterns including OWASP Top 10 threats and DDoS attempts
• Perform ongoing rule reviews, policy optimization, and false positive reduction
• Support production change management processes and ensure stability when implementing WAF updates
• Participate in incident response activities related to web-layer and edge-based threats
• Develop and report on WAF effectiveness metrics including block accuracy, false positive rate, and attack trends
• Maintain documentation of configurations, procedures, and operational standards
• Partner with Application Security Team to validate exploitability of identified vulnerabilities
• Support secure deployment practices and CI/CD security integrations
• Assist development teams in understanding web-layer threats and mitigation strategies
• Develop lightweight automation scripts to improve monitoring, validation, and reporting processes
• Stay current with emerging web threats and platform updates
Requirements
• Bachelor’s Degree in computer science, Management Information Systems, or equivalent experience.
• 3–5+ years of hands-on experience operating and tuning Web Application Firewalls in enterprise or high-traffic environments
• Strong hands-on experience with Akamai security products required
• Strong understanding of web application security concepts and OWASP Top 10
• Knowledge of HTTP, HTTPS, TLS, DNS, CDN architectures, and cloud-based environments
• Experience analyzing security logs, traffic patterns, and attack behavior
• Demonstrated ability to tune WAF policies and reduce false positives without disrupting production traffic
• Experience supporting structured production change management processes
• Basic scripting or automation experience such as Python, Bash, or REST APIs
• Strong troubleshooting, analytical, and problem-solving skills
Nice-to-haves
• Experience with Imperva and/or AWS WAF
• Experience supporting high-volume ecommerce or retail environments
• Familiarity with PCI security requirements
• Experience working with distributed development and DevOps teams
Benefits
• Competitive healthcare, dental & vision insurance
• 401(k) matching after one year of employment
• Generous time off + company holidays
• Merchandise discount
• Learning & Development programs
• Much more!
Apply tot his job
Apply To this Job