symplr · 16 hours ago
Senior Web Application Firewall (WAF) Engineer
UNAVAILABLE, UNAVAILABLE, US
Full-time
Onsite
Mid, Senior Level
$130K/yr - $150K/yr
4+ years expsymplr is seeking a Senior Web Application Firewall (WAF) Engineer responsible for the design, deployment, and ongoing management of enterprise-grade WAF solutions. The role requires advanced technical expertise to safeguard web applications and involves collaboration with cross-functional teams to implement security measures and optimize WAF configurations.
Health CareInformation TechnologySoftware
Responsibilities
Drive enterprise standard WAF solution (i.e., Cloudflare-first) security strategy and champion best practices across engineering and product teams
Design, engineer, and maintain Web Application Firewall solutions to protect enterprise applications
Develop and enforce WAF policies to align with organizational security standards to ensure optimal security posture and minimal false positives
Develop advanced alerts, dashboards, and reports to meet stakeholder requirements
Automate WAF management tasks and integrate workflows with other security tools
Collaborate with Information Security, Product, Engineering, and DevOps teams to define and implement security use cases
Create and fine-tunes WAF rules/signatures to mitigate emerging threats and vulnerabilities
Monitor performance metrics and risk indicators to ensure continuous improvement
Act as the primary liaison with WAF vendors for escalations, feature enhancements, and roadmap alignment
Support incident response activities related to web application security threats
Qualification
Required
University degree in Information Security, Computer Science, Computer Engineering, Information Technology (or equivalent of education and work experience)
Minimum of 4-5 years of relevant corporate information security industry experience
One or more of the following certifications: CISSP, CSSLP, CISM, CCSP
Knowledge of cybersecurity frameworks and relevant regulatory requirements
Proven technical experience in enterprise WAF configuration and management
Technical understanding of systems, applications, and databases
Technical expertise in cloud infrastructure and services platforms (AWS and Azure preferred)
Excellent communication skills at all organizational levels
Strong project management and time management skills
High level of personal integrity and ability to professionally handle confidential matters
Capable of acting calmly and managing incidents under high pressure and stress
Capable of multitasking in a fast paced, multifaceted environment
Ability to work well with customers, peers, and management
Proficient with the Microsoft Office Suite, Visio, and SharePoint
Technical experience in OWASP web application and web services security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks
Solid understanding of web applications, web servers, application firewalls, and protocols with respect to web application development, deployment, and operation
Deep experience with Cloudflare WAF, including advanced rule creation, custom policies, and performance tuning
Experience with Cloudflare's security ecosystem (e.g., CDN, DDoS protection, bot management, API security)
Ability to leverage Cloudflare analytics and dashboards for proactive threat detection and reporting
Expertise in Cloudflare API integration for automation and advanced configuration
Strong understanding and experience in Barracuda and AWS WAF platforms for enterprise security deployments
Strong understanding of AWS technologies, including networking and security services
Strong understanding of web application architecture, protocols, and security principles
Experience with scripting languages such as Python, PowerShell, or Perl for automation
Knowledge of OWASP Top 10 vulnerabilities and mitigation strategies
Understanding of PKI, SSL/TLS, and secure communication protocols
Ability to analyze and respond to complex security incidents involving web applications
Understanding of TCP/IP, web protocols and networking concepts
Understanding of incident response processes
Preferred
Bachelor's degree in Information Security, Computer Science, Computer Engineering, Information Technology (or equivalent of education and work experience)
5+ years of relevant corporate information security industry experience
Proven technical experience in Cloudflare WAF configuration and management
AWS Cloud Security and/or Microsoft Azure Security certifications are a plus
Familiarity with DevOps toolchain (e.g. Terraform, Jenkins)
Familiarity with cloud security, including but not limited to CSPM, CASB, DLP, IAM, and vulnerability management
Familiarity with technical skills in enterprise security and networking protocols
Demonstrated experience and knowledge of relevant regulatory and security framework requirements, such as The U.S. Health Insurance Portability and Accountability Act (HIPAA) and NIST 800 and ISO/IEC 27001/27002
Previous working experience in healthcare technology environments
Company
symplr
Symplr is a provider of healthcare governance, risk, and compliance solutions and services.
1001-5000 employees
H1B Sponsorship
symplr has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (3)
2024 (3)
2023 (1)
2022 (6)
2021 (1)
2020 (6)
Funding
Current Stage
Late StageTotal Funding
unknownKey Investors
Charlesbank Capital PartnersPamlico Capital
2022-01-05Private Equity
2021-07-12Private Equity
2018-10-23Acquired
Leadership Team
Hugo Doetsch
Chief Financial Officer
Patrick Birmingham
Executive Vice President, Credentialing Operations
Recent News
2025-11-10
SalesTech Star
2025-11-08
Company data provided by crunchbase