Senior Cloud Security Specialist

We are looking for a highly skilled and motivated Senior Cloud Security Specialist to join our team, where you will play a pivotal role in strengthening our cloud security infrastructure. This position focuses on managing and optimizing Web Application Firewall (WAF) configurations, analyzing traffic logs, and collaborating with cross-functional teams to ensure robust cloud security measures across all business-critical websites and domains.

This position offers remote setup with the flexibility to work from any location in Georgia, whether it's your home, well-equipped offices in Tbilisi and Batumi or a coworking space in Kutaisi.

Responsibilities

• Deploy and audit baseline WAF rules across all in-scope websites and domains using internal tooling
• Review WAF logs in Cloudflare to identify legitimate traffic and assess rule impact
• Transition WAF rules from log mode to block mode following thorough analysis and stakeholder approval
• Apply and manage exceptions to WAF rules, ensuring minimal impact on security posture
• Raise and manage ServiceNow change requests for rule updates and deployments
• Maintain and update weekly progress reports and tracker spreadsheets for leadership visibility
• Collaborate with internal stakeholders including website owners, InfoSec, and platform teams
• Use GitHub-hosted tools and scripts to automate and streamline rule deployment and reporting

Requirements

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field
• 3+ years of experience in managing cloud security infrastructure
• Strong understanding of Cloudflare WAF, including Managed Rulesets, OWASP Core Ruleset, and WAF Attack Score
• Proficiency in Linux command line, bash scripting, and tools like jq for JSON parsing
• Experience with log analysis and identifying false positives in HTTP event logs
• Familiarity with Cloudflare dashboard and filtering techniques (IP, ASN, request paths)
• Working knowledge of GitHub for accessing and managing internal tools
• Excellent command of written and spoken English (B2+ level)

Nice to have

• Background in Information Security, DevSecOps, or Security Operations
• Familiarity with networking concepts (e.g., IP addresses, ASNs)

We offer

• We connect like-minded people
• Delivering innovative solutions to industry leaders, making a global impact
• Enjoyable working environment, whether it is the vibrant office or the comfort of your own home
• Opportunity to work abroad for up to two months per year
• Relocation opportunities within our offices in 55+ countries
• Corporate and social events
• We invest in your growth
• Leadership development, career advising, soft skills and well-being programs
• Certifications, including GCP, Azure and AWS
• Unlimited access to LinkedIn Learning and Get Abstract
• Free English classes with certified teachers
• We cover it all
• Participation in the Employee Stock Purchase Plan
• Monetary bonuses for engaging in the referral program
• Comprehensive medical & family care package
• Five trust days per year (sick leave without a medical certificate)
• Benefits package (sports activities, a variety of stores and services)

EPAM Georgia is a team of innovators united by a passion for technology. The dynamic and inclusive culture we embrace helps positively impact our communities, clients, and employees. Here you will collaborate with multi-national teams, contribute to numerous cutting-edge projects, deliver the most creative solutions, and have an opportunity to learn. Our people are at the heart of our success, and we are proud to provide talents with a solid ground to develop and grow.