Signet Jewelers is hiring a Web App Firewall Security Engineer to secure our enterprise ecommerce platform. In this remote role, you will provide hands-on ownership of Akamai security platforms and operational support for other WAF technologies, protecting high-traffic web applications and APIs.
What You'll Do
- Serve as the subject matter expert for enterprise WAF platforms, with primary ownership of Akamai and support for Imperva and AWS WAF
- Design, deploy, configure, and manage WAF policies protecting web applications and APIs
- Tune and optimize security rules to balance threat prevention, performance, and revenue protection
- Configure and maintain Akamai security capabilities including Bot Manager, Rate Control, and API Security
- Monitor and analyze security events, attack traffic, bot activity, and abuse patterns
- Perform ongoing rule reviews, policy optimization, and false positive reduction
- Support production change management processes and ensure stability when implementing WAF updates
- Participate in incident response activities related to web-layer and edge-based threats
- Develop and report on WAF effectiveness metrics including block accuracy and attack trends
- Maintain documentation of configurations, procedures, and operational standards
- Partner with the Application Security Team to validate exploitability of identified vulnerabilities
- Support secure deployment practices and CI/CD security integrations
- Assist development teams in understanding web-layer threats and mitigation strategies
- Develop lightweight automation scripts to improve monitoring, validation, and reporting
- Stay current with emerging web threats and platform updates
What We're Looking For
- Bachelor’s Degree in computer science, Management Information Systems, or equivalent experience
- 3–5+ years of hands-on experience operating and tuning Web Application Firewalls in enterprise or high-traffic environments
- Strong hands-on experience with Akamai security products required
- Strong understanding of web application security concepts and the OWASP Top 10
- Knowledge of HTTP, HTTPS, TLS, DNS, CDN architectures, and cloud-based environments
- Experience analyzing security logs, traffic patterns, and attack behavior
- Demonstrated ability to tune WAF policies and reduce false positives without disrupting production traffic
- Experience supporting structured production change management processes
- Basic scripting or automation experience such as Python, Bash, or REST APIs
- Strong troubleshooting, analytical, and problem-solving skills
Nice to Have
- Experience with Imperva and/or AWS WAF
- Experience supporting high-volume ecommerce or retail environments
- Familiarity with PCI security requirements
- Experience working with distributed development and DevOps teams
Technical Stack
- Akamai
- Imperva
- AWS WAF
- Python
- Bash
- REST APIs
Benefits & Compensation
- Competitive healthcare, dental & vision insurance
- 401(k) matching after one year of employment
- Generous time off + company holidays
- Merchandise discount
- Learning & Development programs
- Compensation: $106,000 - $160,000
Work Mode
This is a fully remote position.
Signet Jewelers is a people-first company focused on empowering team members, collaborating with customers, fostering communities, and inspiring diversity, inclusion, and equity.
