Work Schedule
Standard (Mon-Fri)
Environmental Conditions
Office
Job Description
Position Summary
The Senior Manager, Web Protection will lead the strategy, execution, and continuous improvement of web security and traffic protection across mission-critical digital platforms, including high-traffic and revenue-generating properties (e.g., eCommerce).
This role operates within a large, global enterprise environment and is responsible for leading a distributed team across China, India, Mexico, and Costa Rica, while driving enterprise-scale programs and remediation efforts across 500+ product teams.
Key Responsibilities
- Lead and manage a globally distributed team, establishing a follow-the-sun model for 24/7 operations.
- Define and execute the enterprise web protection strategy, including WAF, bot mitigation, and traffic security.
- Drive large-scale remediation programs addressing web vulnerabilities, misconfigurations, and legacy risks across hundreds of applications.
- Provide technical leadership for:
- Akamai (preferred) or equivalent CDN/WAF platforms
- Bot management solutions
- NGINX-based architectures and Kubernetes environments
- Establish and oversee DNS and domain governance, including routing, failover, and security practices.
- Ensure reliable and compliant web delivery in Mainland China, including ICP licensing and Great Firewall (GFW) considerations.
- Lead response to high-impact incidents affecting availability, performance, or security.
- Partner with Engineering, SRE, and Product teams to embed DevSecOps practices.
- Ensure alignment with PCI-DSS, SOC 2, and GxP compliance requirements.
- Manage strategic vendor relationships (e.g., Akamai) and drive tooling standardization.
Required Qualifications
- 10+ years of experience in web security, infrastructure, or application delivery.
- 5+ years of experience leading globally distributed technical teams.
- Proven experience leading enterprise-scale programs and remediation efforts across large, complex organizations.
Technical Expertise
- Strong hands-on experience with:
- Akamai (preferred) or equivalent CDN/WAF platforms
- Bot management and mitigation
- NGINX and modern traffic routing architectures
- Kubernetes (K8s) environments
- Deep understanding of:
- HTTP/HTTPS protocols
- DNS and domain architecture
- Web application security (OWASP Top 10)
Additional Requirements
- Experience supporting high-availability, revenue-critical platforms, such as eCommerce.
- Direct experience operating in Mainland China, including:
- ICP licensing requirements
- Great Firewall (GFW) constraints
- Strong knowledge of PCI-DSS, SOC 2, and GxP compliance frameworks.
- Demonstrated ability to influence and drive change across large, federated organizations.
Key Competencies
- Global leadership and cross-cultural team management
- Enterprise-scale program execution
- Strong technical depth and decision-making ability
- Stakeholder management and executive communication
- Ability to operate effectively in high-pressure environments
What Success Looks Like
- Effective 24/7 global web protection operations
- Adoption of standards across 500+ product teams
- Measurable reduction in web security risk at scale
- Strong compliance posture across regulated environments
- High-performing, globally aligned team