Lead Cybersecurity WAF Engineer

Based onsite in Atlanta, Cox Automotive seeks a Lead Cybersecurity WAF Engineer to own the enterprise web application firewall program across public-facing sites and APIs. This leadership role centers on defining strategy, architecture, and incident response, collaborating with cross-functional teams to strengthen protections for Cox’s external-facing assets and help ensure secure-by-default practices across engineering teams.

Responsibilities

• Lead the enterprise WAF program, shaping strategy, patterns, and standards in partnership with the architecture team to elevate protections for all public-facing sites and APIs.
• Review WAF rules to identify improvements and present recommended changes to enhance the protections the WAF provides.
• Collaborate with security architecture on long-term WAF strategy, including technology standards, architectural patterns, and security roadmaps.
• Develop and maintain runbooks and playbooks, plus threat-specific WAF tuning strategies, and lead the creation and ongoing refinement of automated detection and response triggers.
• Conduct cyber engineering trend analysis and reporting, defining and recommending tool, infrastructure, and related improvements.
• Propose and review plans and policies to strengthen the overall security environment.
• Participate in security events and incident response to identify gaps in design during incidents such as botnet spikes or Layer 7 attacks and propose preventive solutions.
• Research and evaluate emerging security trends, threats, and technologies, recommending appropriate solutions and enhancements.
• Partner closely with AppSec, Cyber Defense, and Engineering teams to drive secure-by-default adoption.

Requirements

• Bachelor’s degree in a related discipline with 6 years of experience in a related field; alternative combinations include master’s degree with 4 years, PhD with 1 year, or 18 years of experience.
• At least 4 years focused on cybersecurity with at least 2 years managing enterprise WAF.
• Expert-level experience architecting, implementing, and operating enterprise WAF solutions across multiple environments.
• Deep knowledge of how network traffic routes between clients and servers across the internet, including DNS, HTTP/S, and CDN/edge routing.
• Ability to clearly articulate the objectives of cybersecurity policies and procedures to both technical and non-technical stakeholders.
• Proven experience leading technical initiatives and mentoring engineering teams.
• Excellent customer service, communication, writing, and presentation skills.
• Ability to foster a productive working environment with stakeholders and collaborate with Cox cybersecurity teams to implement best practices.
• Consultative approach to navigating controversial or complex topics with employees, leaders, and senior leadership.
• Proficiency in Python and Terraform.
• Creative problem solving of complex cybersecurity challenges with solid business acumen.
• Experience with Agile methodologies and DevSecOps.
• Track record of initiating change and deploying solutions in Fortune 1000 companies.
• Knowledge of cybersecurity frameworks (ISO 27000, NIST, FFIEC) and regulations relevant to architectural requirements (GDPR, FFIEC, GLBA).

Technologies

• Python
• Terraform
• Fortify
• BurpSuite
• Wiz
• AWS, GCP, Azure
• EKS, ECS, Lambda, Fargate
• .NET framework, Mono, Spring frameworks
• Oracle
• SAML, OAuth, OIDC
• IAM

Benefits

• Flexible vacation with pay
• Seven paid holidays throughout the calendar year
• Up to 160 hours of paid wellness annually for personal or family wellness
• Bereavement leave
• Time off to vote
• Jury duty leave
• Volunteer time off
• Military leave
• Parental leave
• EOE, including disability and veterans

Compensation

USD 122,600 - 204,400 per year. The base salary falls within this range and may vary depending on the location and the candidate’s knowledge, skills, and abilities. Additional compensation, such as an incentive program, may be available.

Minimum Qualifications

• Bachelor’s degree in a related discipline with 6 years of experience, or alternative combinations as described under Requirements.
• At least 4 years focused on cybersecurity with at least 2 years managing enterprise WAF.
• Expertise in architecting, implementing, and operating enterprise WAF solutions across multiple environments.
• Strong understanding of network traffic routing concepts (DNS, HTTP/S, CDN/edge routing).
• Ability to articulate cybersecurity policy objectives to diverse audiences.
• Proven leadership in technical initiatives and mentoring engineering teams.
• Excellent customer service, writing, and presentation skills.
• Collaborative approach with stakeholders and other Cox cybersecurity teams.
• Consultative communication style for complex topics with various audiences.
• Proficiency in Python and Terraform.
• Strong problem-solving skills with business acumen.
• Experience with Agile and DevSecOps practices.
• Experience deploying solutions in Fortune 1000 environments.
• Knowledge of cybersecurity frameworks (ISO 27000, NIST, FFIEC) and relevant regulations (GDPR, FFIEC, GLBA).

Preferred Qualifications

• Knowledge of current cybersecurity and technology architectures such as zero trust, IaaS, PaaS, SaaS, virtualization, and containerization.
• Strong familiarity with cloud containers and serverless platforms (EKS, ECS, Lambda, Fargate).
• Experience with security testing tools like Fortify, BurpSuite, and Wiz.
• Broad technology expertise across .NET, Mono, Spring, Oracle, serverless, cloud patterns, and authentication mechanisms.
• Experience with cloud providers (AWS, GCP, Azure) and on-premises infrastructure.
• Design and development of cybersecurity methodologies across cloud and on-prem hosting and application layers.
• Knowledge of IAM, cryptography, secrets management, access controls, and security protocols (MFA, SAML, OAuth, OIDC).
• Experience with firewall and web application firewall technologies and edge services, including DMZ architectures.
• AWS Well-Architected Framework knowledge.
• Experience in national critical infrastructure sectors or with Big Four/Fortune 500 firms.
• Relevant certifications (e.g., CISSP, CEH, OSCP, Azure, AWS, CISM, CISA).