Cyber Security Engineer
Job Description
LuxExperience is the leading digital, multi-brand luxury group and the online shopping destination for luxury enthusiasts worldwide. LuxExperience operates a portfolio of some of the most distinguished store brands in digital luxury and creates communities for luxury enthusiasts with unique digital and physical experiences. Mytheresa, NET-A-PORTER and MR PORTER, jointly comprising the luxury segments of LuxExperience, offer highly curated edits of the most prestigious luxury brands across the world, featuring womenswear, menswear, kidswear, fine jewelry & watches, and lifestyle products. YOOX, which forms the off-price segment of LuxExperience, is the leading destination for multi-brand off-season online luxury shopping. The NYSE listed group operates worldwide.
To support our Cyber Security team we are searching for a Cyber Security Engineer to be based in our Zola Predosa office. The Cyber Security Platform team oversees the operations of all cyber security services within the company, employing expertise across a range of technologies and tools to deliver and safeguard company assets, while ensuring the protection of both end customers and internal staff. As a specialised Cyber Security Engineer, you will be the go-to expert for our Akamai Security Platform. You will drive the analysis, technical design, configuration, and continuous tuning of our edge security solutions. Collaborating directly with development, DevOps, and infrastructure teams, you will ensure our web applications and APIs are resilient against attacks, highly available, and fully optimized. Some of the essentials for you to know are:
Location: Our offices in Zola Predosa / Milano, Italy
Department: Infrastructure and Operations – Cyber Security
Reporting into: Cyber Security Platform Manager
Working Model: Hybrid
Contract Type: Permanent
Here is a breakdown of what you’ll be doing:
- Edge Security Management: Design, provision, configure, and maintain Akamai security configurations, specifically focusing on App & API Protector, Akamai WAF, Bot Manager and Content Protector.
- WAF & Rate Limiting Optimization: Continuously monitor and tune Web Application Firewall (WAF) rules and rate limiting policies to minimize false positives while maintaining a strict security posture against the OWASP Top 10.
- DDoS & Botnet Mitigation: Identify, analyze, and mitigate real-time DDoS attacks and malicious automated bot traffic (e.g., credential stuffing, scraping) without disrupting legitimate user traffic or search engine crawlers.
- API Security: Implement and manage security controls tailored for APIs, ensuring positive security models, schema validation, and discovery of unmanaged endpoints.
- Cross-Functional Collaboration: Partner with application developers and product teams to translate business requirements into secure, scalable edge configurations and assist in troubleshooting application-layer issues.
- Documentation & Automation: Produce clear, comprehensive technical documentation for edge configurations, incident playbooks, and operational procedures. Identify opportunities to leverage Akamai CLI, Terraform, or APIs to automate configuration management.
- Platform Lifecycle: Manage the lifecycle of security services, including monitoring platform health, reviewing Akamai release updates, and implementing platform best practices.
The type of person we are looking for:
- Enjoys working in a collaborative team environment and contributes positively to shared goals.
- Communicates effectively in English, both spoken and written, with the ability to tailor technical concepts to different audiences.
- Curious, proactive, and eager to learn, with a willingness to step outside their comfort zone to explore new technologies and approaches.
- Able to manage multiple tasks and priorities, maintaining attention to detail while delivering high‑quality output.
- Comfortable working in dynamic environments and adapting to evolving business and security needs.
Technical skills and experience:
Core Requirements (Akamai & Web Security)
- Akamai Platform Expertise: Hands-on experience managing and configuring Akamai security solutions (App & API Protector, Bot Manager, Client-Side Protection, Edge DNS).
- Web & API Security: Deep understanding of web application security principles, including the OWASP Top 10 and API Security Top 10.
- Traffic Analysis: Proficiency in analyzing HTTP/S traffic, utilizing web logs, Akamai Control Center, or SIEM dashboards to investigate alerts and anomalies.
- Network Protocols: Strong fundamental knowledge of core internet protocols, including TCP/IP, HTTP/HTTPS, and advanced DNS administration in enterprise environments.
- Certificate Management: Solid understanding of TLS/SSL certificate lifecycles, renewals, and proper implementation at the edge layer.
Secondary/Nice-to-Have Experience:
- Infrastructure Security: Familiarity with traditional firewall management principles (e.g., Check Point).
- Identity & Access: Exposure to cloud-based Secure Web Gateways (e.g., Zscaler), Multi-Factor Authentication (e.g., Duo), or Privileged Access Management (e.g., CyberArk).
- Security as Code: Experience with automation tools or scripting languages (e.g., Python, Bash, Terraform) utilized for managing Akamai configurations is a significant plus.
From the moment you join LuxExperience, we are committed to making your journey with us inspirational and evolutionary. If you are passionate, committed and thrive in a collaborative and fast-paced environment, then please apply with a CV.