Cyber Security Engineer
Role summary
This role is for a Lead Cybersecurity WAF Engineer responsible for the enterprise strategic ownership of Web Application Firewall (WAF) security. The engineer will safeguard high-traffic public applications using automation and threat-response strategies, leveraging Python, Terraform, and cloud-native architectures to defend against sophisticated Layer 7 attacks. Key responsibilities include leading WAF solution architecture and implementation, driving security automation, acting as a technical lead during security events, and partnering with other teams to implement secure-by-default patterns. The role requires deep technical mastery of networking protocols, cloud platforms, and security frameworks.
Lead Cybersecurity WAF Engineer
We're working with a global leader in automotive technology and digital transformation on this exciting opportunity.
As the enterprise strategic owner of Web Application Firewall (WAF) security, you will safeguard high-traffic public applications using cutting-edge automation and threat-response strategies. This is a high-impact role where you will leverage Python, Terraform, and cloud-native architectures to defend a Fortune 500 ecosystem against sophisticated Layer 7 attacks.
The Role
• Lead the architecture, implementation, and visionary strategy for enterprise-scale WAF solutions across multi-cloud and on-prem environments.
• Drive security automation by authoring WAF tuning strategies, runbooks, and playbooks using Python and Terraform to enable DevSecOps workflows.
• Act as the primary technical lead during security events, mitigating botnet traffic spikes and complex web exploits through real-time policy improvement.
• Partner with AppSec and Cloud Architecture teams to implement "secure-by-default" patterns for public-facing APIs and websites.
• Conduct deep-dive trend analysis on cyber threats, recommending modern security tools and infrastructure improvements to stay ahead of the curve.
What You'll Need
• Minimum of 6 years in Cybersecurity/IT engineering, with at least 4 years focused on cybersecurity and 2+ years of hands-on enterprise WAF management.
• Expert-level technical mastery of DNS, HTTP/S, CDN edge routing, and network traffic flow between clients and servers.
• Proficiency in Infrastructure as Code (Terraform) and scripting (Python) for security automation and orchestration.
• Solid experience with cloud platforms (AWS, GCP, or Azure) and modern tech stacks including EKS, Lambda, Fargate, and serverless patterns.
• Strong knowledge of security testing tools (BurpSuite, Wiz, Fortify) and industry frameworks like NIST, ISO 27000, or OWASP.
What's On Offer
• Highly competitive salary range of $122,600 - $204,400 with additional incentive program eligibility.
• Flexible "take what you need" paid vacation policy plus 7 paid holidays and 160 hours of wellness time.
• Comprehensive benefits package including volunteer time off, military leave, and extensive parental leave.
• A remote-friendly, collaborative culture within a major global technology powerhouse.
Apply via Haystack today!
Similar roles
- Cyber Security EngineerPacer Staffing · Bloomfield, Connecticut, United States · Hybrid
Cyber Security EngineerAgileGrid Solutions · United States · Onsite- Cyber Security EngineerAgileGrid Solutions · United States · Hybrid
Principal Cyber Security EngineerMANTECH · Chantilly, Virginia, United States · Onsite
Cyber Security EngineerBooz Allen Hamilton · Virginia, United States · Null
