Lead Cybersecurity WAF Engineer

The Cox Automotive team is seeking a Lead Cybersecurity WAF Engineer to own the enterprise web application firewall strategy, architecture, and incident response across public-facing sites and APIs. This onsite role in Atlanta, GA collaborates closely with AppSec, Cyber Defense, and Engineering teams to strengthen security across the digital footprint.

Responsibilities

• Lead the enterprise WAF program, defining strategy, patterns, and standards in partnership with the architecture team.
• Review WAF rules to identify improvements and communicate recommended changes to boost protections.
• Collaborate with security architecture on long-term WAF strategy, including standards, architectural patterns, and security roadmaps.
• Create and maintain runbooks and playbooks, and develop threat-specific WAF tuning strategies. Drive ongoing improvement of runbooks, playbooks, and automated detection triggers.
• Conduct cyber engineering trend analysis and reporting, recommending tool, infrastructure, and process improvements.
• Advise on plans and policies to enhance the overall security environment.
• Participate in security events and incident response to identify gaps and propose solutions to prevent recurrence.
• Research and assess emerging security trends, threats, and technologies, recommending appropriate solutions and enhancements.
• Partner closely with AppSec, Cyber Defense, and Engineering teams to promote secure-by-default practices.

Requirements

• Bachelor's degree in a related field with 6 years of related experience; alternative combinations include master's degree with 4 years, PhD with 1 year, or 18 years of related experience.
• At least 4 years focused on cybersecurity with at least 2 years managing enterprise WAF.
• Demonstrated expert-level experience architecting, implementing, and operating enterprise WAF solutions across multiple environments.
• Deep knowledge of how network traffic routes between clients and servers across the internet (DNS, HTTP/S, CDN/edge routing).
• Ability to clearly articulate cybersecurity policy objectives to technical and non-technical stakeholders.
• Proven experience leading technical initiatives and mentoring engineering teams.
• Excellent customer service, writing, and presentation skills.
• Ability to build a strong, productive working environment with key stakeholders and collaborate with Cox cybersecurity teams to implement best practices.
• Consultative approach to addressing controversial or complex topics with employees, leaders, and senior leadership.
• Proficiency in Python and Terraform.
• Creative problem solving for complex cybersecurity challenges with pragmatic business acumen.
• Experience with Agile methodologies and DevSecOps.
• Experience initiating change and deploying solutions in Fortune 1000 companies.
• Knowledge of cybersecurity frameworks (ISO 27000, NIST, FFIEC) and relevant regulations (GDPR, FFIEC, GLBA) guiding architectural requirements.

Preferred Qualifications

• Knowledge of current cybersecurity and technology architectures such as zero trust, IaaS, PaaS, SaaS, virtualization, and containerization.
• Strong understanding of cloud containers and serverless platforms (EKS, ECS, Lambda, Fargate).
• Experience with security testing tools such as Fortify, BurpSuite, and Wiz.
• Extensive knowledge across multiple technology areas including .NET framework, Mono, Spring, Oracle, serverless, cloud patterns, cloud services, and authentication systems.
• Experience with cloud infrastructure (AWS, GCP, Azure) and on-premises infrastructure.
• Experience designing cybersecurity standard methodologies for all layers of hosting and application stacks in cloud and on-prem environments.
• Knowledge of IAM, cryptography, secrets management, access controls, and security protocols (multi-factor authentication, SAML, OAuth, OIDC).
• Experience with firewalls, web application firewalls, edge services, and network architectures including DMZ.
• AWS Well-Architected Framework experience.
• Experience in national critical infrastructure industries (telecommunications, financial services, defense, government).
• Big Four or Fortune 500 company experience.
• Relevant industry certifications (CISSP, CEH, OSCP, Azure, AWS, CISM, CISA).

Technologies

• Python
• Terraform
• Fortify
• BurpSuite
• Wiz
• AWS, GCP, Azure
• EKS, ECS, Lambda, Fargate
• .NET Framework, Mono, Spring
• Oracle
• SAML, OAuth, OIDC, IAM

Benefits

• Flexible vacation with pay
• Seven paid holidays throughout the calendar year
• Up to 160 hours of paid wellness annually for self or family
• Bereavement leave
• Time off to vote
• Jury duty leave
• Volunteer time off
• Military leave
• Parental leave
• EOE including disability and veterans

Compensation

USD 122,600 - 204,400 per year. The base salary falls within this range and may vary based on location and the candidate's qualifications. The position may be eligible for additional compensation such as an incentive program.