- You will design, implement, and continuously improve cloud network security controls with a focus on WAF tuning, DDoS detection, and mitigation across AWS, Azure, and GCP.

- You will optimize WAF rules to minimize false positives while protecting against OWASP Top 10 threats and application-specific risks.

- You will enhance DDoS strategies across L3-L7, monitor anomalies, validate mitigation effectiveness, and support investigations with SOC and threat intelligence teams.

- You will implement network security and DDoS safeguards as code using Terraform, Bicep, CDK, or similar, ensuring consistent multi-cloud governance.

- You will analyze logs and telemetry to identify abuse patterns and integrate visibility into SIEM platforms.

- You will define standards for cloud Firewalls, WAF, and DDoS configurations, support audits, partner with engineering and DevOps teams on secure architectures, and provide L2/L3 support for escalated security issues.

What you bring :

- You bring 5+ years of cloud or network security engineering experience and expert hands-on knowledge of AWS WAF, Azure WAF, and Cloud Armor.

- You have strong skills in WAF rule tuning, DDoS mitigation techniques, and cloud network security controls such as NSGs, Firewalls, and zero-trust principles.

- You are skilled in Terraform or similar IaC/PaC tools, with Scripting abilities in Python or Bash.

- You understand DevSecOps integration, multi-cloud environments, and analysing logs for threat patterns.

- Cloud security certifications are a plus.