Senior Security Platform Engineer - 5462

Senior Security Platform Engineer - 5462

12-month contract

1 day a week onsite (Toronto or Waterloo)

The Senior Security Platform Engineer is responsible for effectively planning, designing, implementing, and monitoring security technologies and projects that support our client's security policies and procedures. Your primary responsibilities will be Supporting in Scope Platform and Products and developing use case scenarios, enhancing the security of our client's corporate and production systems. You will work closely with Enterprise Infrastructure, IT operations, Enterprise Architecture, and application development teams to identify risks to the business and lead security solutions to protect customer and financial information.

The successful candidate must be able to interpret complex information, adapt as needed and have a deep understanding of security risks, data impact and controls to help mitigate the risk and provide countermeasures.

A Senior Security Platform Engineer will take a lead role in the design, implementation, and optimization of security infrastructures, with a focus on Security content platform’s suite of web application protection technologies. You will spearhead initiatives to safeguard our web applications from advanced threats, oversee the enhancement of existing security controls, and mentor junior engineers. In this role, you will collaborate closely with cross-functional teams to ensure the security, performance, and reliability of web applications across the organization.

Accountabilities:

Security Content Platform Leadership: Serve as the subject matter expert for Akamai’s security products, including Web Application Firewall (WAF), Kona Site Defender, Bot Manager, and Prolexic DDoS protection.

Architect and Optimize: Design and implement scalable and secure architectures for web applications using Akamai’s security solutions. Continuously tune and enhance Akamai configurations for optimal security and performance.

Threat Detection & Response: Lead the monitoring, identification, and mitigation of real-time security threats, including bot attacks, DDoS campaigns, and web-based exploits. Develop response playbooks and automated remediation workflows.

Custom Rule Development: Oversee the development and fine-tuning of custom rules and policies for Akamai WAF, tailoring security controls to evolving threats while maintaining application performance.

Security Automation: Lead efforts to automate security processes and policy management using tools and scripting languages (e.g., Python, Bash). Implement automation for the continuous deployment of security updates.

Cross-Functional Collaboration: Act as a liaison between security, DevOps, application development, and infrastructure teams to align Akamai security solutions with business requirements and performance objectives.

Mentorship & Leadership: Provide technical mentorship and guidance to junior engineers and security team members, sharing best practices and driving continuous improvement in security operations

Incident Management & Forensics: Lead post-incident investigations, ensuring root cause analysis is performed, lessons are learned, and appropriate remediation steps are taken.

Reporting & Compliance: Ensure compliance with relevant regulations (e.g., PCI-DSS, GDPR) through robust security configurations and reporting mechanisms. Prepare and deliver detailed security metrics and reports to senior leadership.

Continuous Improvement: Stay updated on the latest web security threats, Akamai product advancements, and industry best practices. Continuously evaluate and recommend improvements to existing security architectures.

Project Leadership: Lead key security projects, including large-scale migrations, upgrades, and the introduction of new Akamai features or services. Ensure timely delivery and adherence to high standards of security.

Must Haves:

5+ years Information security and engineering experience with enterprise level security technologies in the one or more areas of: Perimeter, Endpoints, Crypto, Cloud, Email Security, Security Visibility, and Automation and Orchestration

3+ years' experience in successfully leading global information security projects.

Experience with Akamai Web Application Firewall (WAF), Kona Site Defender, Bot Manager, or Prolexic DDoS protection

An Information Technology University degree/college diploma in related discipline(s) or equivalent work experience

Nice to Have:

Certification(s) in data network engineering and/or security: CCNP/CCNP-Security, CCSP, CISSP, GIAC-GCIA, GIAC-GCED, Comptia, or equivalent security certification