Platform Security Engineer
Confirmed live in the last 24 hours
ALO Yoga
Compensation
$140,000 - $180,000/year
Job Description
WHY JOIN ALO?
Mindful movement. It’s at the core of why we do what we do at ALO—it’s our calling. Because mindful movement in the studio leads to better living. It changes who yogis are off the mat, making their lives and their communities better. That’s the real meaning of studio-to-street: taking the consciousness from practice on the mat and putting it into practice in life.
WHY JOIN ALO?
Mindful movement. It’s at the core of why we do what we do at ALO—it’s our calling. Because mindful movement in the studio leads to better living. It changes who yogis are off the mat, making their lives and their communities better. That’s the real meaning of studio-to-street: taking the consciousness from practice on the mat and putting it into practice in life.
OVERVIEW
We are seeking a highly skilled Platform Security Engineer with deep, hands-on expertise in CDN security, DDoS mitigation, Web Application Firewall (WAF) management, and bot defense. In this role, you will own and advance Alo’s edge and application security posture across our high-traffic e-commerce and digital platforms. You will be the subject-matter expert for all CDN security decisions—from designing bot management policies to tuning WAF rule sets to leading DDoS response—while also driving security across our cloud infrastructure, CI/CD pipelines, and container environments.
RESPONSIBILITIES
- CDN, WAF & Edge Security (Primary Focus)
- Own the full lifecycle of CDN security configuration across enterprise platforms (Akamai, Cloudflare, Fastly, or equivalent), including origin shield, TLS/SSL policy, and traffic routing.
- Design, implement, and continuously tune Web Application Firewall rule sets—including OWASP Core Rule Set customization, rate limiting, geo-restrictions, and virtual patching for emerging vulnerabilities.
- Lead DDoS mitigation strategy and incident response for both volumetric (L3/L4) and application-layer (L7) attacks; develop runbooks, define thresholds, and coordinate with CDN vendors during active events.
- Configure and manage botmanagement platforms (e.g., Akamai Bot Manager, Cloudflare Bot Management, DataDome, or equivalent), including policy creation, bot classification logic, CAPTCHA challenge rules, and false-positive tuning.
- Analyze CDN traffic logs, security dashboards, and threat intelligence feeds to identifyanomalous patterns, emerging attack campaigns, and opportunities to harden edge policies proactively.
- Develop and maintainrate limiting, IP reputation management, and client fingerprinting policies to defend against credential stuffing, scraping, account takeover, and API abuse.
- Partner with CDN and security vendors on escalated threat investigations, platform capabilitie
Similar Jobs
Five9
Sr Staff Cloud Platform Engineer
Five9
Sr Staff Cloud Platform Engineer
Sentry
Senior Security Engineer, Application & Platform Security
Sentry
Senior Security Engineer, Application & Platform Security
Sentry
Senior Security Engineer, Application & Platform Security
Braze