Sr. WAF Security Engineer

Warner Bros. Entertainment Inc.$105K — $195K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Computer Science, Information Security, or equivalent experience.
  • 5+ years in application or network security with hands-on work in WAF/DDoS.
  • Detailed understanding of threats to consumer and digital platforms.
  • Proven expertise with at least one major WAF platform (Akamai, Fastly NGWAF, AWS WAF, Azure, etc.).
  • Experience writing/modifying WAF rules (e.g., AWS WAF, Azure custom rules).
  • Strong knowledge of HTTP/S protocols, OWASP Top 10, and API security models.
  • Proficient with log analysis tools, and scripting (Python, Bash, PowerShell).
  • Hands-on experience securing applications across various Cloud Providers (AWS, GCP, Azure).

Responsibilities

  • Implement and maintain enterprise-grade WAF and DDoS protections.
  • Develop custom firewall rules and bot mitigation controls.
  • Analyze logs to identify malicious traffic and optimize defenses.
  • Contribute to automation efforts for security configurations.
  • Identify security vulnerabilities and guide developers on remediation.
  • Lead incident response as a WAF/DDoS subject matter expert.
  • Collaborate with cross-functional teams to integrate security controls.

Benefits

  • Health insurance coverage.
  • Employee wellness program.
  • Life and disability insurance.
  • Retirement savings plan.
  • Paid holidays, sick time, and vacation.
Full Job Description
*Must work a hybrid schedule (3 days onsite) out of our Atlanta, DC, or Silver Spring office.*

Your New Role:

As a Senior WAF Security Engineer - Edge/Perimeter, the ideal candidate is expected to:
  • Implement, configure, and maintain enterprise-grade WAF and DDoS protections across a large portfolio of properties.
  • Develop and fine-tune custom firewall rules, bot mitigation controls, and DDoS mitigation security policies.
  • Perform log analysis to identify malicious traffic patterns, false positives, and opportunities for tuning.
  • Contribute to automation efforts (infrastructure as code, CI/CD integrations, scripts) to deploy and maintain security configurations.
  • Identify security vulnerabilities and guide developers and engineers in addressing these issues
  • Participate in on-call rotation as a subject matter expert for WAF/DDoS incident response.
  • Partner with product, engineering, and operations teams to integrate WAF/Edge security controls into applications and services.
  • Provide technical guidance on perimeter security best practices within SDLC and cloud-native environments.
  • Research and stay current on the latest attack vectors, vulnerabilities, and exploits affecting web and API applications.
  • Recommend and implement improvements to strengthen defenses across the edge/perimeter layer.

Your Role Accountabilities:

Implement, configure, and maintain WAF/DDoS solutions. Develop and tune custom firewall rules, bot mitigation, and DDoS protections. Perform log and traffic analysis to identify malicious activity and optimize defenses.

Partner with product, engineering, and operations teams to integrate WAF/Edge security into applications and services. Provide guidance on best practices and support cross-team adoption of WAF/DDoS protections.

Advise technology teams and management of identified risks and treatment options. Define or revise security elements, standards, and solutions for various technologies to achieve optimal security posture while delivering on business goals

Research emerging threats and adapt defenses. Recommend enhancements to strengthen edge / WAF posture. Contribute to automation and infrastructure-as-code efforts to scale deployments.

Participate in Tentpole and product/feature launches in a WAF support role

Incident Response - Serve as an escalation point during WAF/DDoS incidents. Participate in on-call rotation to provide subject matter expertise in real-time investigations and mitigation.

Qualifications & Experiences:

  • Bachelor's degree in Computer Science, Information Security, or equivalent work experience.
  • 5+ years of experience in application or network security with direct hands-on work in WAF/DDoS solutions.
  • Detailed understanding of the threats faced directly to consumer and digital platform organizations.
  • Proven expertise with at least one major WAF platform (Akamai, Fastly NGWAF, AWS WAF, Azure, or similar).
  • Practical experience writing/modifying WAF rules (e.g., AWS WAF, Azure or Cloudflare custom rules).
  • Strong understanding of HTTP/S protocols, OWASP Top 10, and API security models.
  • Proficiency with log analysis tools, scripting (Python, Bash, PowerShell), and automation frameworks.
  • Proven hands-on experience securing application across various Cloud Providers (AWS, GCP, Azure)
  • Strong problem-solving skills with the ability to quickly analyze issues and implement effective mitigations.
  • Excellent collaboration and communication skills across security, engineering, and product teams.


Not Required but preferred experience:
  • Security certifications - CISSP, CISM, CISA, SANS, etc. Is a plus
  • Experience with infrastructure-as-code (Terraform, CloudFormation) for WAF/DDoS deployment.
  • Familiarity with CDN integrations and API Security frameworks
  • Exposure to DDoS mitigation at scale, including volumetric and application-layer attacks.


In compliance with local law, we are disclosing the compensation, or a range thereof, for roles in locations where legally required. Actual salaries will vary based on several factors, including but not limited to external market data, internal equity, location, skill set, experience, and/or performance. Base pay is just one component of Warner Bros. Discovery's total compensation package for employees. Pay Range: $105,280.00 - $195,520.00 salary per year. Other rewards may include annual bonuses, short- and long-term incentives, and program-specific awards. In addition, Warner Bros. Discovery provides a variety of benefits to employees, including health insurance coverage, an employee wellness program, life and disability insurance, a retirement savings plan, paid holidays and sick time and vacation.

About Warner Bros. Entertainment Inc.

Warner Bros. Interactive Entertainment is an American video game publisher based in Burbank, California, and part of the newly-formed Global Streaming and Interactive Entertainment unit of Warner Bros. Discovery. WBIE was founded on January 14, 2004 under Warner Bros. and transferred to the Home Entertainment division when that company was formed in October 2005. WBIE manages the wholly owned game development studios TT Games, Rocksteady Studios, NetherRealm Studios, Monolith Productions, WB Games Boston, Avalanche Software, and WB Games Montréal, among others.
Learn more about Warner Bros. Entertainment Inc.
Industry
Founded
1918

Similar Jobs

More Jobs at Warner Bros. Entertainment Inc.

More Information Technology Jobs

Find similar Sr. WAF Security Engineer jobs: