Web App Firewall Security Engineer (Remote)

We have many opportunities available on our other career site pages. Click here to link to our careers page. Signet Jewelers is the world's largest retailer of diamond jewelry, operating more than 2,800 stores worldwide under the iconic brands: Kay Jewelers, Zales, Jared, H.Samuel, Ernest Jones, Peoples, Banter by Piercing Pagoda, Rocksbox, JamesAllen.com and Diamonds Direct. We are a people-first company and this core value is at the heart of everything we do, from empowering our valued team members, to collaborating with our customers, to fostering the communities in which we live and serve. People – and the love their actions inspire – are what drive us. We’re not only proud of the love we inspire outside our walls, we’re especially proud of the diversity, inclusion and equity we’re inspiring inside. There are dynamic career paths awaiting you – rewarding opportunities to impact the lives of others and inspire love.

POSITION SUMMARY

The WAF Security Engineer is responsible for enterprise Web Application Firewall and edge security operations protecting high-traffic ecommerce applications and APIs. This role provides hands-on ownership of Akamai security platforms and supports additional WAF technologies. This position requires strong operational discipline, deep understanding of web application threats, and the ability to balance security enforcement with availability and customer experience in production environments.

RESPONSIBILITIES

• Serve as subject matter expert for enterprise WAF platforms, with primary ownership of Akamai and operational support for Imperva and AWS WAF
• Design, deploy, configure, and manage WAF policies protecting web applications and APIs
• Tune and optimize security rules to balance threat prevention, performance, and revenue protection
• Configure and maintain Akamai security capabilities including Bot Manager, Rate Control, Client Reputation, API Security, and related protections
• Monitor and analyze security events, attack traffic, bot activity, and abuse patterns including OWASP Top 10 threats and DDoS attempts
• Perform ongoing rule reviews, policy optimization, and false positive reduction
• Support production change management processes and ensure stability when implementing WAF updates
• Participate in incident response activities related to web-layer and edge-based threats
• Develop and report on WAF effectiveness metrics including block accuracy, false positive rate