Job DescriptionThis position is not eligible for visa sponsorship, now or in the future. Candidates must be a US Citizen or Green Card HolderThis position is hybrid 3 days per week in either our Cincinnati, OH, or Atlanta, GA. 2 days per week if within our Denver, CO office. This role is to strengthen and evolve our web application firewall, edge security, and application protection platforms across a global enterprise environment. This is a hands-on technical leadership role focused primarily on WAF, edge security, application-layer controls, bot mitigation, API protection, and traffic inspection.
Our core platforms include Akamai and Cloudflare technologies, including WAF policies, managed and custom rules, bot protection, rate limiting, API security, DDoS-adjacent controls, security analytics, and edge traffic protection.
This role supports business-critical applications and services across a global environment. You will lead engineering and delivery efforts, improve service reliability, reduce false positives, mentor other engineers, and act as a technical escalation point during high-severity incidents involving WAF, edge security, application access, or related network security services.
This is an engineering-first role, with approximately 80% of time focused on design, implementation, tuning, and operational improvement, and approximately 20% supporting incident mitigation and high-severity response.
On-Call Expectations: Participate in a rotating on-call schedule for incidents. Act as a senior escalation point for major issues affecting WAF, edge security, application protection, or related network security services. Contribute to post-incident analysis and ensure durable corrective actions are implemented. Participate in readiness activities, operational reviews, and resilience improvements for critical edge and application security services.
On-Call Schedule: Weekdays: 10 am - 10 pm ET (rotates between 4 colleagues)
Weekends: 10 pm Friday - 10 pm Sunday ET ( rotates between 7 colleagues)
What you'll own - Lead engineering and continuous improvement for WAF and edge security platforms, with primary focus on application protection, bot mitigation, API protection, and related controls across a global enterprise environment.
- Administer, harden, and optimize Akamai and Cloudflare platforms, including WAF policies, managed rules, custom rules, rate limiting, bot controls, API security, and security analytics.
- Design, maintain, and tune scalable WAF security policies for internet-facing applications, including traffic inspection, threat protection, allow/block logic, exception handling, and false-positive reduction.
- Drive reliable and secure platform changes through safe rollout planning, validation, rollback readiness, post-change review, and operational standardization.
- Serve as a technical lead and escalation point for complex WAF issues, high-risk changes, application access problems, and high-severity incidents.
- Partner with internal teams and vendors to improve service reliability and visibility, including SOC/IR, Application Security, Network Operations, infrastructure, application teams, and vendors; improve logging, telemetry, SIEM integration, runbooks, metrics, and durable vendor resolutions.
What you'll bring - Bachelor's degree in a related field and 12+ years of experience, or equivalent practical experience.
- Experience in network security, application security, edge security, or security engineering roles within enterprise environments.
- Strong hands-on experience with WAF technologies, especially Akamai and Cloudflare, including managed rules, custom rules, bot protection, rate limiting, API protection, and security analytics.
- Experience with WAF policy design and operations, including application onboarding, traffic inspection, rule tuning, exception handling, troubleshooting, and false-positive reduction.
- Strong networking and security fundamentals, including TCP/IP, TLS, DNS, HTTP/S, certificates, routing, NAT, CDN/reverse proxy concepts, and zero trust.
- Experience supporting large-scale global environments, serving as a senior escalation point during major incidents, mentoring engineers, reviewing work, and communicating effectively across teams.
It's a bonus if you have - Experience with Terraform, Python, CI/CD, APIs, or automation for security platforms.
- Familiarity with SWG, Proxy, SASE, Secure Access, Zscaler, Prisma Access, or Palo Alto technologies.
- Experience with F5 Distributed Cloud (XC) DDoS protection, CDN traffic management, or hybrid edge architectures.
- Exposure to regulated environments or relevant certifications such as Akamai, Cloudflare, CISSP, GIAC, PCNSE, or Zscaler.
Worldpay is dedicated to offering individuals rewarding career opportunities and competitive compensation. For this full-time position, the good faith estimated annual salary range upon hire is $127,500.00-$192,525.00. This range reflects what we reasonably expect to offer based on the role's responsibilities, level, and geographic location. The actual starting salary will be determined by a candidate's experience, job-related skills, and relevant education or training. Please note that changes in work location may impact the final offered salary. We encourage you to consult with your recruiter to confirm the budget for your location and to better understand the applicable pay scale.
Candidates and applicants are advised they may redact age information from requested items like transcripts, resumes, and certificates attached to their application for positions that can be performed in Colorado.