Lead Cybersecurity WAF Engineer
$122,600–$204,400 year
Hybrid · Atlanta, Georgia, United States
Job Summary
The Lead Cybersecurity Web Application Firewall (WAF) Engineer is responsible for leading the vision, strategy, and standards of WAF and application-edge security across Cox Automotive. Key responsibilities include tuning security policies, implementing WAF for new applications, conducting threat analysis, participating in incident response, and collaborating with cross-functional teams to ensure modern and resilient protections. This role demands strong expertise in WAF architectures, a solid understanding of networking concepts, and the capability to mentor engineering teams. Candidates must have a Bachelor's degree and substantial experience in cybersecurity, particularly with WAF solutions.
Required Qualifications
- Bachelor’s degree in a related discipline and 6 years’ experience in a related field or equivalent combination of education and experience.
- At least 4 years focused on cybersecurity with at least 2 years managing enterprise WAF.
- Demonstrated expert level experience architecting, implementing, and operating enterprise WAF solutions across multiple environments.
- Deep knowledge of how network traffic routes between clients and servers across the internet (e.g., DNS, HTTP/S, CDN/edge routing).
- Experience leading technical initiatives and mentoring engineering teams.
- Proficient in Python and Terraform.
- Experience utilizing Agile methodologies and DevSecOps.
Desired Qualifications
- Knowledge of current cybersecurity and technology architectures such as zero trust, IaaS, PaaS, SaaS, virtualization, and containerization.
- A strong understanding of cloud containers and/or serverless platforms (e.g., EKS, ECS, Lambda, Fargate).
- Experience with security testing tools such as Fortify, BurpSuite, and Wiz.
- Extensive technology knowledge and recognized expertise in several areas including .NET framework, Mono, Spring frameworks, Oracle, serverless, cloud patterns, cloud service and user authentication or similar.
- Experience with cloud infrastructure (AWS, GCP, or Azure) and services and on-premises infrastructure.
- Experience in the development and design of cybersecurity standard methodologies to all layers of the hosting and application stack in both cloud and on-premises environments.
- Knowledge of Identity and Access Management (IAM), cryptography / key management, secrets management, access controls and security protocols (e.g., multi-factor, SAML, OAuth, OIDC).
- Experience with firewall, web application firewalls, and other edge services as well as deep understanding of DMZ and other network architectures.
- AWS Well-Architected Framework.
- Experience in national critical infrastructure industries (telecommunications, financial services, defense, government, etc.).
- Big four consulting or Fortune 500 company experience.
- Relevant industry certification (e.g., CISSP, CEH, OSCP, Azure, AWS, CISM, CISA)
Additional Requirements
- To be employed in this role, you’ll need to clear a pre-employment drug test. Cox Automotive does not currently administer a pre-employment drug test for marijuana for this position.
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.