Application Security Engineer - Cloudflare Specialist

Are you an expert at securing the application layer?

We are looking for a highly motivated Security Engineer to lead our Application Security & Delivery services. While we cover the full stack, this role is specifically for a specialist who understands the nuances of Layer 7 traffic and knows how to defend complex web environments against modern threats.

You will be the technical lead for our most advanced Cloudflare and Application Security deployments. Your day-to-day will involve dissecting HTTP traffic, tuning WAF rules, and building robust defenses against sophisticated bot attacks and API vulnerabilities for enterprise-scale clients.

• Layer 7 Architecture: Lead the implementation and optimization of Application Security solutions, with a primary focus on Cloudflare.
• Advanced WAF & Bot Defense: Design and fine-tune custom WAF rules, Bot Management strategies, and DDoS mitigation policies.
• API Protection: Secure client API ecosystems against OWASP Top 10 threats and unauthorized access.
• L7 Troubleshooting: Solve deep-level issues involving SSL/TLS handshakes, SNI, HTTP headers, and caching logic.
• Performance Optimization: Assist with security configurations that don't sacrifice speed—optimizing DNS, CDN, and global load balancing.
• Professional Services: Collaborate with customers to provide technical guidance, architectural design, and expert-level documentation.
  

• 2–3+ Years of Deep Experience: Proven background in Security Engineering or Application Delivery.
• L7 Security Specialist: Hands-on experience with Cloudflare is a major advantage. Candidates with deep expertise in Radware, F5 (Big-IP/AWAF), Akamai, Reblaze, or Imperva are highly encouraged to apply.
• Protocol Authority: Expert-level understanding of the OSI Model (specifically Layers 4–7) and protocols: DNS, SSL/TLS, TCP, and HTTP(S).
• Reverse Proxy & Load Balancing: Strong experience with reverse proxy architectures, caching services, and global load balancing.
• Technical Tooling: Proficient with Linux and command-line diagnostics (curl, dig, traceroute, openssl).
• Automation: Experience with APIs and scripting (Python, Bash, or JavaScript) for automating security workflows.
• Self-Driven: High self-learning ability with a proactive, independent approach to problem-solving.
  

• Background in Web Development (understanding how the code you're protecting is built).
• Experience configuring web servers like Nginx, Apache, or IIS.
• Experience with SASE/ZTNA solutions.
  

• Lead the Tech: Shape the company’s future in the Application Security space.
• Elite Client Base: Work with top-tier enterprise and SMB clients across Israel.
• Growth: Join a high-impact leadership team in a rapidly expanding integration company.

📍 Location: Holon, Israel

🏢 Type: Full Time | B2B Cybersecurity Services