Senior Security Engineer - Web Application Firewall (WAF)

Posted 20 Days Ago
Be an Early Applicant
Remote
Senior level
Digital Media • Gaming • Information Technology • Software • Sports • eSports
It’s simple, at DraftKings, we believe life’s more alive with skin in the game.
The Role
As a Senior Cloud and Application Security Engineer, you'll enhance cloud security, manage CDN and WAF security, integrate security into the SDLC, perform security reviews for mobile apps, and oversee comprehensive security testing while participating in escalation rotations.
Summary Generated by Built In

We're defining what it means to build and deliver the most extraordinary sports and entertainment experiences. Our global team is trailblazing new markets, developing cutting-edge products, and shaping the future of responsible gaming.
Here, "impossible" isn't part of our vocabulary. You'll face some of the toughest but most rewarding challenges of your career. They're worth it. Channeling your inner grit will accelerate your growth, help us win as a team, and create unforgettable moments for our customers.
The Crown Is Yours
As a Senior Security Engineer, you'll collaborate closely with Engineering teams to drive and evolve our web application firewall and application security programs. In this role, you'll focus on advancing the security of our web application firewall controls, overseeing comprehensive web and mobile application security, and proactively identifying and mitigating emerging threats. Your work will be instrumental in shaping our security strategies and contributing to the continuous growth and resilience of our technology infrastructure.
What you'll do as a Senior Security Engineer

  • Manage and enhance security for the CDN and WAF, including DoS/DDoS mitigation, credential-stuffing prevention, and overall cloud security posture improvement.
  • Integrate security into the SDLC process, conducting SAST, DAST, and Secure Code Reviews throughout all development phases.
  • Perform and oversee security reviews for Android and iOS applications, including vulnerability research, reproduction, and remediation.
  • Conduct comprehensive security testing of mobile application workflows (iPhone and Android), addressing identified security issues.
  • Participate in periodic off-hours escalation rotations for application security.


What you'll bring

  • At least 5 years of experience in CDN, WAF, DDoS, and bot prevention technologies (e.g., Akamai, Fastly, Cloudflare).
  • Proficient in web and mobile application security testing for Android and iOS platforms.
  • Expertise in DevOps practices, including CI/CD pipelines and automation tools (e.g., Terraform, Jenkins, Artifactory, Octopus Deploy), and container technologies like Docker, Kubernetes, and their cloud-managed counterparts (AWS EKS, GCP GKE)


#LI-BF1
Join Our Team
We're a publicly traded (NASDAQ: DKNG) technology company headquartered in Boston. As a regulated gaming company, you may be required to obtain a gaming license issued by the appropriate state agency as a condition of employment. Don't worry, we'll guide you through the process if this is relevant to your role.
The US base salary range for this full-time position is 104,000.00 USD - 130,000.00 USD, plus bonus, equity, and benefits as applicable. Our salary ranges are determined by role, level, and location. The compensation information displayed on each job posting reflects the range for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range and how that was determined during the hiring process. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Top Skills

AWS
GCP

What the Team is Saying

Nir
Nate
Sarah
Ivett
Mincho
Kalina
Graham
Michelle
The Company
New York, NY
4,500 Employees
Hybrid Workplace
Year Founded: 2012

What We Do

DraftKings is a global digital sports entertainment and technology company created to fuel the competitive spirit of sports fans with products that range across daily fantasy, regulated gaming, and digital media.

Founded in 2012 by Jason Robins, Matt Kalish, and Paul Liberman – DraftKings’ vision is to be one of the world’s largest and most beloved digitally-led consumer companies, reaching people all over the world and creating incredible and engaging experiences for our customers.

More than 4,000 teammates in six countries work together to create our world-class products. We're inspired by our shared passion for developing creative solutions to complex challenges and empowering the people around us to do their best work. We are industry leaders in the digital entertainment and technology space and are propelled by constant curiosity and diverse perspectives. From our engineering team, to our marketing team, to our customer experience team – our people have taken DraftKings from an industry disrupter to an iconic sports brand, and we’re only getting started.

Why Work With Us

We are fueled by our passion for developing the next generation of products for our customers. We empower our teammates to do their best by solving complex and unique challenges together. Whether you’re data-obsessed, tech-driven, or love working with different people each day, you know that DraftKings is here to support your next big idea.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

DraftKings Teams

Team
The Offense Driving Innovation
About our Teams

DraftKings Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Not Specified
New York, NY

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account