Sr. Security Engineer, WAF

Welcome to Warner Bros. Discovery… the stuff dreams are made of.

Who We Are…

When we say, "the stuff dreams are made of," we're not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD's vast portfolio of iconic content and beloved brands, are the
storytellers
bringing our characters to life, the
creators
bringing them to your living rooms and the
dreamers
creating what's next…

From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.

*Must work a hybrid schedule (3 days onsite) out of our Atlanta, DC, or Silver Spring office.*

Your New Role
:
 

As a Senior WAF Security Engineer – Edge/Perimeter, the ideal candidate is expected to:

• Implement, configure, and maintain enterprise-grade WAF and DDoS protections across a large portfolio of properties.
• Develop and fine-tune custom firewall rules, bot mitigation controls, and DDoS mitigation security policies.
• Perform log analysis to identify malicious traffic patterns, false positives, and opportunities for tuning.
• Contribute to automation efforts (infrastructure as code, CI/CD integrations, scripts) to deploy and maintain security configurations.
• Identify security vulnerabilities and guide developers and engineers in addressing these issues
• Participate in on-call rotation as a subject matter expert for WAF/DDoS incident response.
• Partner with product, engineering, and operations teams to integrate WAF/Edge security controls into applications and services.
• Provide technical guidance on perimeter security best practices within SDLC and cloud-native environments.
• Research and stay current on the latest attack vectors, vulnerabilities, and exploits affecting web and API applications.
• Recommend and implement improvements to strengthen defenses across the edge/perimeter layer.

Your Role Accountabilities:

Implement, configure, and maintain WAF/DDoS solutions. Develop and tune custom firewall rules, bot mitigation, and DDoS protections. Perform log and traffic analysis to identify malicious activity and optimize defenses.

Partner with product, engineering, and operations teams to integrate WAF/Edge security into applications and services. Provide guidance on best practices and support cross-team adoption of WAF/DDoS protections.

Advise technology teams and management of identified risks and treatment options. Define or revise security elements, standards, and solutions for various technologies to achieve optimal security posture while delivering on business goals

Research emerging threats and adapt defenses. Recommend enhancements to strengthen edge / WAF posture. Contribute to automation and infrastructure-as-code efforts to scale deployments.

Participate in Tentpole and product/feature launches in a WAF support role

Incident Response - Serve as an escalation point during WAF/DDoS incidents. Participate in on-call rotation to provide subject matter expertise in real-time investigations and mitigation.

Qualifications & Experiences:

• Bachelor's degree in Computer Science, Information Security, or equivalent work experience.
• 5+ years of experience in application or network security with direct hands-on work in WAF/DDoS solutions.
• Detailed understanding of the threats faced directly to consumer and digital platform organizations.
• Proven expertise with at least one major WAF platform (Akamai, Fastly NGWAF, AWS WAF, Azure, or similar).
• Practical experience writing/modifying WAF rules (e.g., AWS WAF, Azure or Cloudflare custom rules).
• Strong understanding of HTTP/S protocols, OWASP Top 10, and API security models.
• Proficiency with log analysis tools, scripting (Python, Bash, PowerShell), and automation frameworks.
• Proven hands-on experience securing application across various Cloud Providers (AWS, GCP, Azure)
• Strong problem-solving skills with the ability to quickly analyze issues and implement effective mitigations.
• Excellent collaboration and communication skills across security, engineering, and product teams.

Not Required but preferred experience:

• Security certifications - CISSP, CISM, CISA, SANS, etc. Is a plus
• Experience with infrastructure-as-code (Terraform, CloudFormation) for WAF/DDoS deployment.
• Familiarity with CDN integrations and API Security frameworks
• Exposure to DDoS mitigation at scale, including volumetric and application-layer attacks.

Additional Information

On June 9, 2025, Warner Bros. Discovery announced plans to separate into two publicly traded companies, Warner Bros. and Discovery Global, with an expected completion in mid-2026. For more details, including leadership appointments and information on individual brands, please visit our newsroom
here
.

Although you will be hired by Warner Bros. Discovery, upon the planned separation in 2026, your employment likely will transition to Warner Bros. Company or transition to Discovery Global. During this period of transformation, you'll have an exciting opportunity to lay the foundation at one of the world's premier entertainment brands.

How We Get Things Done…

This last bit is probably the most important Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at

along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.

Championing Inclusion at WBD

Warner Bros. Discovery embraces the opportunity to build a workforce that reflects a wide array of perspectives, backgrounds and experiences. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law.

If you're a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our
accessibility page
for instructions to submit your request.