Lead Security Engineer – Cyber Platform Engineering

As the Lead Security Engineer for Cyber Platform Engineering, you will own the organization’s web and application security capabilities—designing and optimizing controls that protect critical customer‑facing and internal services from modern threats such as application‑layer attacks, API abuse, automated bots, and service disruption. Your work strengthens the resilience of the company’s digital platforms and supports secure growth.

You will collaborate with security specialists, application teams, cloud engineering, and security operations to embed scalable, secure patterns across core platforms. This role requires strong technical ownership, hands‑on engineering skill, and the ability to influence secure design across a complex enterprise environment.

Key Responsibilities::
• Own and lead the organization’s web security platform and its protection capabilities.
• Implement and tune web security controls to reduce risk while maintaining performance.
• Maintain platform standards, baselines, governance, and documentation.
• Guide teams on secure onboarding of services (routing, encryption, headers, policies).
• Strengthen protections against common web/API threats and automated abuse.
• Support DDoS readiness through runbooks and exercises.
• Support security requirements for cloud migrations and platform changes.
• Use logging/telemetry tools to investigate issues and support threat analysis.
• Contribute to secure network architecture (segmentation, ingress/egress, connectivity).
• Provide direction on firewall and network protections and rule base reviews.
• Hands-on leadership and mentorship to more junior employees.
• Advance web/API protection and detection maturity and resilience.
• Improve cloud and container security posture through best practice hardening via CSPM.
• Enhance DDoS readiness and operational preparedness.
• Develop reusable, secure engineering patterns for cross team adoption.

Team and Collaboration
• Partner with application engineering, cloud platform teams, network/security architecture, and security operations to deliver unified security outcomes.
• Participate in incident response and drive follow-up improvements.
• Collaborate with domain SMEs across network, endpoint, cloud, and email security to maintain cohesive, enterprise wide protection.
• Mentor and guide engineers to embrace secure engineering practices.
• Regularly contribute to security documentation and platform standards, collaborating with team members to maintain accurate, high quality technical artifacts and ensure consistent understanding across teams.

Knowledge/Skill Requirements::
• Proven, hands‑on experience with CDN, WAF, and API protection technologies.
• Strong command of web protection concepts and implementation, including DDoS protection and bot defense.
• Extensive experience in security engineering with strong focus on web and application security within enterprise environments.
• Demonstrated ability to operate as a hands‑on technical lead with end‑to‑end ownership of platform outcomes, prioritization, and cross‑team delivery.
• Strong understanding of network security architecture and common web/cloud attack vectors, with ability to translate threat patterns into practical controls.
• Deep experience with at least one major cloud service provider.
• Working knowledge of container orchestration and container security.
• Solid background in firewall and network security: NGFW, IDS/IPS, etc.
• Experience conducting firewall rule‑base reviews (manual and automated).
• Familiarity with cloud‑delivered network protection models, including secure web gateways and Zero Trust Network Access.
• Experience with email security and threat‑detection tooling, including behavioral analysis and phishing/malware protection.
• Strong understanding of PKI, TLS, certificate lifecycle management, and trust‑model design.
• Excellent communication skills, able to explain complex technical issues clearly to technical and non‑technical audiences.