Network Security Engineer with strong WAF experience (m/f)

Start: ASAP

Duration: 6 months +++

Location: fully remote

What you'll do

You will design, implement, and continuously improve cloud network security controls with a focus on WAF tuning, DDoS detection, and mitigation across AWS, Azure, and GCP. You will optimize WAF rules to minimize false positives while protecting against OWASP Top 10 threats and application-specific risks. You will enhance DDoS strategies across L3-L7, monitor anomalies, validate mitigation effectiveness, and support investigations with SOC and threat intelligence teams. You will implement network security and DDoS safeguards as code using Terraform, Bicep, CDK, or similar, ensuring consistent multi-cloud governance. You will analyze logs and telemetry to identify abuse patterns and integrate visibility into SIEM platforms. You will define standards for cloud Firewalls, WAF, and DDoS configurations, support audits, partner with engineering and DevOps teams on secure architectures, and provide L2/L3 support for escalated security issues.

What you bring

You bring 5+ years of cloud or network security engineering experience and expert hands-on knowledge of AWS WAF, Azure WAF, and Cloud Armor. You have strong skills in WAF rule tuning, DDoS mitigation techniques, and cloud network security controls such as NSGs, Firewalls, and zero-trust principles. You are skilled in Terraform or similar IaC/PaC tools, with Scripting abilities in Python or Bash. You understand DevSecOps integration, multi-cloud environments, and analysing logs for threat patterns. Cloud security certifications are a plus.