Network Security Engineer (WAF)

Summary

Join GuidePoint Security as a Network Security Engineer and leverage your expertise in deploying and managing cloud-based DDoS protection and Web Application Firewall (WAF) solutions. You will design, deploy, and manage cloud-based security platforms, build custom rules for security policies and traffic optimization, and work with various teams to ensure secure traffic flow. This role involves strategic consulting and hands-on implementation, emphasizing secure traffic delivery, performance optimization, and incident mitigation. You will also conduct security assessments, assist with migrations, and stay updated on evolving threats. GuidePoint offers a remote-work environment, comprehensive benefits, and opportunities for professional growth within a rapidly expanding company.

Requirements

• 2–4 years of experience managing cloud WAF/DDoS platforms in enterprise environments
• Deep familiarity with Cloudflare and/or Akamai edge protection services
• Experience building custom page rules, rate limiting policies, or traffic filtering logic
• Strong knowledge of core networking concepts (TCP/IP, DNS, HTTP/S, load balancing, NAT, routing)
• Hands-on experience with on-premises application delivery controllers such as F5 BIG-IP, especially working with iRules, SSL offloading, and WAF modules
• Strong troubleshooting skills across application-layer traffic and network-layer protection

Responsibilities

• Design, deploy, and manage cloud-based security platforms, including WAF, DDoS mitigation, bot protection, and CDN configuration (Cloudflare, Akamai, etc.)
• Build and manage custom rules (e.g., page rules, rate limits, transform rules, iRules) to enforce security policies and traffic optimization
• Work closely with application, DevOps, and infrastructure teams to ensure secure and resilient traffic flow to internet-facing assets
• Optimize configurations for latency, performance, and availability, including global traffic routing, failover, and load balancing
• Support incident response efforts involving DDoS events or WAF bypass attempts
• Document configurations and provide operational runbooks for client handoffs or internal support teams
• Conduct WAF and edge security assessments to identify improvements or misconfigurations
• Assist in migration from or integration with on-premises platforms such as F5, including custom logic translation to cloud WAF equivalents
• Stay up to date on evolving threat actor behaviors, industry DDoS tactics, and mitigation techniques

Preferred Qualifications

• Familiarity with cloud platforms (AWS/GCP/Azure) and edge integration patterns (e.g., using Cloudflare with AWS ALB)
• Experience with automating WAF/DNS/DDoS configurations via API or Terraform
• Certifications related to Cloudflare, Akamai, F5, or network security (e.g., F5 CTS, Cloudflare Zero Trust certs)
• Experience with API security protections, client fingerprinting, and bot mitigation strategies

Benefits

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option