Senior Security Engineer - Web Application Firewall (WAF)

Posted 10 Days Ago
Hiring Remotely in United States
Remote
Senior level
Digital Media • Gaming • Information Technology • Software • Sports • eSports • Big Data Analytics
The Crown Is Yours
The Role
The Senior Cloud and AppSec Engineer will enhance security in cloud workloads, manage application security, integrate security into SDLC, conduct testing for mobile applications, and participate in threat mitigation efforts, collaborating closely with engineering teams.
Summary Generated by Built In

We're defining what it means to build and deliver the most extraordinary sports and entertainment experiences. Our global team is trailblazing new markets, developing cutting-edge products, and shaping the future of responsible gaming.
Here, "impossible" isn't part of our vocabulary. You'll face some of the toughest but most rewarding challenges of your career. They're worth it. Channeling your inner grit will accelerate your growth, help us win as a team, and create unforgettable moments for our customers.
The Crown Is Yours
As a Senior Security Engineer, you'll collaborate closely with Engineering teams to drive and evolve our web application firewall and application security programs. In this role, you'll focus on advancing the security of our web application firewall controls, overseeing comprehensive web and mobile application security, and proactively identifying and mitigating emerging threats. Your work will be instrumental in shaping our security strategies and contributing to the continuous growth and resilience of our technology infrastructure.
What you'll do as a Senior Security Engineer

  • Manage and enhance security for the CDN and WAF, including DoS/DDoS mitigation, credential-stuffing prevention, and overall cloud security posture improvement.
  • Integrate security into the SDLC process, conducting SAST, DAST, and Secure Code Reviews throughout all development phases.
  • Perform and oversee security reviews for Android and iOS applications, including vulnerability research, reproduction, and remediation.
  • Conduct comprehensive security testing of mobile application workflows (iPhone and Android), addressing identified security issues.
  • Participate in periodic off-hours escalation rotations for application security.


What you'll bring

  • At least 5 years of experience in CDN, WAF, DDoS, and bot prevention technologies (e.g., Akamai, Fastly, Cloudflare).
  • Proficient in web and mobile application security testing for Android and iOS platforms.
  • Expertise in DevOps practices, including CI/CD pipelines and automation tools (e.g., Terraform, Jenkins, Artifactory, Octopus Deploy), and container technologies like Docker, Kubernetes, and their cloud-managed counterparts (AWS EKS, GCP GKE)


#LI-BF1
Join Our Team
We're a publicly traded (NASDAQ: DKNG) technology company headquartered in Boston. As a regulated gaming company, you may be required to obtain a gaming license issued by the appropriate state agency as a condition of employment. Don't worry, we'll guide you through the process if this is relevant to your role.
The US base salary range for this full-time position is 104,000.00 USD - 130,000.00 USD, plus bonus, equity, and benefits as applicable. Our salary ranges are determined by role, level, and location. The compensation information displayed on each job posting reflects the range for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range and how that was determined during the hiring process. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Top Skills

AWS
GCP

What the Team is Saying

Nir
Nate
Sarah
Ivett
Mincho
Kalina
Graham
Michelle
The Company
HQ: Boston, MA
5,300 Employees
Hybrid Workplace
Year Founded: 2012

What We Do

It's simple, at DraftKings, we believe life is more fun when you're in on the action. For that reason, we’re committed to responsibly creating the world’s favorite games and betting experiences. We’re developing the most innovative and entertaining real money products and offers; to forever transform how people experience sports; to be a fully vertically integrated sports betting operator. It's our ultimate goal to build the best, most trusted, and most customer-centric destination for our players.

We’re defining what it means to build and deliver the most extraordinary sports and entertainment experiences. Our global team is trailblazing new markets, developing cutting-edge products, and shaping the future of responsible gaming.

Why Work With Us

Here, “impossible” isn’t part of our vocabulary. You’ll face some of the toughest but most rewarding challenges of your career. They’re worth it. Channeling your inner grit will accelerate your growth, help us win as a team, and create unforgettable moments for our customers. Ready to own what’s next?

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

DraftKings Teams

Team
The Offense Driving Innovation
Team
Engineering
Team
Product
About our Teams

DraftKings Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Not Specified
HQBoston, MA
BG
US
Dublin, D02 N279
Hoboken, NJ
Houston, TX
Las Vegas, NV
London, GB
New York, NY
Sofia, BG
Tel Aviv-Yafo, IL
Learn more

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account