Cyber Engineer III - API Security

Mexico City, Mexico CityPosted 1 weeks ago

Full-timesenior

Job Description

Responsibilities & Accountabilities:

Platform engineering & design
- Lead the onboarding of new web and API workloads to Akamai, from discovery and architecture review to staging, validation, and production cutover.
- Design and implement WAF, bot management, DDoS, and rate-limiting policies tailored to application risk profiles and business requirements.
- Build reusable configuration patterns, templates, and reference architectures for common McDonald’s application types (e.g., marketing sites, e-commerce, APIs, partner integrations).
- Use Akamai APIs, automation frameworks, and infrastructure-as-code (e.g., Terraform, Python, CI/CD pipelines) to manage configurations at scale.

Security operations & tuning
- Lead incident triage and investigations for WAF, API, and bot-related events; coordinate containment, tuning, and long-term fixes.
- Analyze WAF and CDN logs to identify attacks, false positives, and evasion attempts; refine policies, exception sets, and custom rules.
- Collaborate with Security Operations, Threat Intelligence, and product security teams to map emerging threats into new or updated rulesets.
- Drive continuous improvement in detection quality, block rates, and false-positive reduction while maintaining performance SLAs.

Dev & automation focus
- Partner with developers to integrate Akamai security checks into CI/CD (e.g., automated policy promotions, pre-prod validation jobs, automated regression checks).
- Develop internal tools and scripts (Python, Bash, TypeScript, etc.) to streamline common workflows (policy cloning, bulk updates, configuration linting).
- Provide technical requirements and guidance into product roadmaps for observability, logging, and security analytics.

Governance, metrics, and leadership
- Own platform health and risk metrics (coverage, rule adoption, false positives, incident volume, MTTR) and present them regularly to leadership and stakeholders.
- Lead operational governance forums with product teams to review posture, tuning backlog, and upcoming changes.
- Mentor and coach G3 Engineers and Analysts; provide guidance on investigations, change reviews, and documentation.
- Contribute to and lead updates of SOPs, intake processes, runbooks, and standards for Akamai and E-WAAP.

10001+ employees

Chicago, Illinois, US

Technical Software Engineer

Columbus, Ohio

Senior Analyst, Cyber Defense - Threat Operations

Chicago, Illinois

Consultant, Delivery

London, England

Platform Engineer III

Hyderabad, Telangana

Manager, AI/ML Engineering

Hyderabad, Telangana

Manager, Data Operations & Management

Hyderabad, Telangana

Head of Cyber Risk Management and Resiliency

Manulife · Hong Kong

US LBM Senior Manager - Cybersecurity Operations

US LBM Holdings · Boston, MA

Detection Design Cyber Security Analyst - Assistant Vice President

Deutsche Bank · Jacksonville, FL

Information Security Manager - Cyber Risk & Regulatory

PwC · Singapore

IN-Associate-SOC-Cyber as a Service-Advisory-Chennai

PwC · Chennai, TN

IN_Senior Associate-SOC_Cyber as a Service_Advisory_Gurgaon

PwC · Gurugram, HR