Senior/Specialist Network Edge Engineer

Senior/Specialist Network Edge Engineer Job Description What You’ll do: ● Own and continuously evolve our cloud WAF stack defining and tuning rules, policies, and traffic flows to protect public APIs and frontends at scale, while proactively reducing noise and false positives. ● Build and maintain end‑to‑end HTTP/HTTPS observability, including structured logging, dashboards, alerting, and synthetic checks, so that performance issues, misconfigurations, and attacks are detected and triaged early. ● Drive WAF and networking infrastructure as code (IaC), fully integrated into CI/CD pipelines, ensuring changes are repeatable, auditable, tested, and secure, and helping to reduce configuration drift across environments. ● Design and operate VPCs and core network services (routing, DNS, VPNs, and third‑party connectivity), making sure they are resilient, scalable, and aligned with our global network and security architecture. ● Automate key deployment and configuration workflows (e.g., onboarding and decommissioning sites, rule and policy lifecycle, failover between WAF providers), minimizing manual work, human error, and operational risk. ● Lead and actively participate in incident response for network and WAF‑related security, performance, and availability events, including triggering WAF DRP procedures, executing controlled failovers, and driving post‑mortems and follow‑up remediation. ● Partner closely with Information Security and Compliance to ensure the network and WAF architecture meets regulatory and industry standards (e.g., PCI, SOX), providing audit‑ready evidence and continuously strengthening controls. ● Keep technical documentation current and actionable for architectures, traffic flows, runbooks, and configuration standards, enabling other engineering teams to move fast while maintaining a strong security and reliability posture. 1 What We Need You to Have: ● Solid, hands‑on experience managing and configuring WAFs in cloud environments (ideally multi‑provider), protecting high‑traffic web applications and APIs. ● Strong knowledge of networking and protocols (TCP/IP, HTTP/HTTPS, TLS, DNS, routing, load balancers, VPN/IPsec). ● Practical experience with at least one cloud provider (ideally AWS) and its networking components (VPC, subnets, security groups, NACLs, routing, load balancers). ● Real‑world experience with Infrastructure as Code (Terraform or similar) and CI/CD pipelines to manage network and WAF changes. ● Experience in observability and monitoring: log, metric and trace analysis, building actionable dashboards and alerts (latency, errors, throughput, anomalous traffic patterns). ● Strong communication and cross‑team collaboration skills (Networking, Security, Platform, Product), with English good enough to document and coordinate in writing and in calls. ● English Would be Awesome if You Had: ● Exposure to PCI-DSS framework or any other relevant security standard will be valued; ● Good knowledge of security architectures, both monoliths and microservices, including how they are developed and operate at scale; ● Good understanding about Machine learning, RAG, and LLM logic in context of security results. ● Previous work in high‑criticality environments (payments, fintech, banking, global e‑commerce) where availability and latency are key. 2 ● Background as a network/security architect, able to propose end‑to‑end designs (multi‑WAF, multi‑cloud, DRP, zero‑trust, etc.) and explain technical and business trade‑offs.

Would be Awesome if You Had:

Exposure to PCI-DSS framework or any other relevant security standard will be valued;

Good knowledge of security architectures, both monoliths and microservices, including how they are developed and operate at scale;

Good understanding about Machine learning, RAG, and LLM logic in context of security results.

Previous work in high‑criticality environments (payments, fintech, banking, global e‑commerce) where availability and latency are key.

Background as a network/security architect, able to propose end‑to‑end designs (multi‑WAF, multi‑cloud, DRP, zero‑trust, etc.) and explain technical and business trade‑offs.