Security Engineer, WAF

Job Description Apply now: Security Engineer – WAF, location is Hybrid (Atlanta, GA). The start date is ASAP for this Contract-to-Hire (6 months) position.Job Title: Security Engineer – WAFLocation-Type: Hybrid (3 Days A Week On-site - Atlanta, GA 30318)Start Date Is: ASAPDuration: Contract to Hire (6 Months)W2 Pay Rate Range: $70/hr - $85/hr W2Benefits: Eligible for Health, Dental, Vision, 401KNot eligible for visa sponsorshipJob Description: The Security Engineer (WAF) will play a critical role in protecting web applications and APIs by managing and optimizing Web Application Firewall protections across cloud environments. This engineer will focus on hands-on WAF operations, rule tuning, automation, and security integrations within DevSecOps environments while partnering closely with engineering, product, and security teams to strengthen the organization's application security posture.Day-to-Day Responsibilities:Implement, operate, and maintain WAF protections across web applications and API environmentsWrite, tune, and optimize WAF rules including custom protections, bot mitigation controls, and rate limiting policiesApply WAF protections to specific hosts, endpoints, and API gateways as a first line of defense during security eventsMonitor and analyze WAF logs and alerts to identify malicious activity, reduce false positives, and continuously improve security posturePartner with Incident Response (IR) and SOC teams to support security triage by implementing WAF-based mitigationsCollaborate with product and engineering teams to understand application architecture and embed WAF controls into system designIntegrate WAF protections into SDLC processes and CI/CD pipelinesSupport cloud security initiatives focused on securing the application perimeter within AWS environmentsConfigure and support cloud networking components including Application Load Balancers, CloudFront distributions, and API GatewaysDevelop automation scripts and tooling (primarily Python or Go) to scale WAF operations and security processesDeploy and manage WAF configurations using Infrastructure as Code tools such as Terraform or CloudFormationContribute to GitHub repositories supporting security tooling and configuration managementDocument operational procedures, runbooks, change management processes, and incident response playbooksParticipate in an on-call rotation supporting production security incidents and operational needsRequirements:Must-Have Skills/Experiences:2–4 years of experience in application security, network security, or cloud securityHands-on experience managing Web Application Firewalls (AWS WAF strongly preferred; Cloudflare, Akamai, Fastly, Azure Front Door, or GCP Cloud Armor acceptable)Strong understanding of HTTP/HTTPS protocols, OWASP Top 10 vulnerabilities, and API security fundamentalsExperience securing web applications and APIs within AWS cloud environmentsFoundational networking knowledge including firewall concepts and cloud perimeter securityExperience applying WAF protections to API gateways, endpoints, and hostnamesExperience analyzing security telemetry and logs using Splunk or similar SIEM toolsScripting experience with Python (preferred) and familiarity with Go, Bash, or TypeScriptExperience deploying infrastructure and security configurations through Infrastructure as Code (Terraform, CloudFormation, or similar)Experience working within DevOps or DevSecOps environmentsExperience collaborating with IR and SOC teams to support incident response activitiesAbility to write, debug, and maintain automation code supporting security operationsStrong communication skills with the ability to work cross-functionally with engineering, product, and operations teamsDemonstrated ownership mindset with the ability to take initiatives from design through executionAbility to work onsite in a hybrid environment (3 days per week)Nice-to-Have Skills/Experiences (NOT required, but a plus!) :Experience supporting multi-cloud environments (AWS, Azure, GCP)Experience integrating WAF protections with CDN platformsSecurity certifications such as GIAC, GWAPT, CISSP, or CSSLPExperience within media, entertainment, telecommunications, or financial services environmentsExperience with configuration management tools such as AnsibleExposure to incident response processes (not required to lead incidents)Strong learning mindset with interest in expanding security engineering capabilities