Systems and Infrastructure Engineer III, Information Security-Web Security

Walmart•Herndon, VA

1d•Onsite

About The Position

This role is responsible for strengthening the security of all web ingress points across global eCommerce platforms. It focuses on developing and tuning WAF policies, enhancing client‑side detection and fingerprinting, managing defenses during active cyber‑attacks, and controlling scripted traffic. The position also collaborates closely with network and site reliability teams while building and operating the infrastructure that supports the organization’s overall web security posture. The Edge Ingress Security team plays a critical role in protecting our global eCommerce platforms from a wide range of online threats. From defending against web-based and DDoS attacks to managing unwanted scripted traffic and fraud, we are the gatekeepers of secure digital access. We collaborate closely with network, infrastructure, and product teams to ensure that every ingress flow—across all web properties—is secure, resilient, and adaptive to evolving threats. Our team thrives on solving complex security challenges in a fast-paced, high-impact environment. At Walmart, we prioritize innovation and data security. Our team is dedicated to maintaining a secure operating environment and preserving the trust of our customers, associates, and stakeholders. We combine a range of services and expertise to prevent fraud, detect threats, and manage digital risk and access. Our focus is on mitigating attack risks, securing cloud transformation, and fostering a culture of security and reliability within our team.

Requirements

Hands-on experience with Web Application Firewall (WAF) management and DDoS mitigation strategies
Strong knowledge of network and web protocols such as TCP/IP, IPSec, HTTPS, and SSL
Deep understanding of how web properties and Content Delivery Networks (CDNs) function
Experience with client-side fingerprinting and behavioral data collection
Proficiency with log management tools such as Splunk, Kibana, or ArcSight
Strong scripting skills in at least one language
Familiarity with cloud platforms including Azure and GCP

Nice To Haves

A security-first mindset with a solid foundation in key security domains: access control, application security, network security, and architecture
Knowledge of network and security tools and protocols, including Firewalls and DNS
Strong analytical, problem-solving, and interpersonal communication skills
A collaborative spirit with a proactive and self-driven attitude
Certification in Security+, GISF, CISSP, CCSP, or GSEC
Master’s degree in Computer Science, Information Technology, Engineering, Information Systems, Cybersecurity, or related area
Knowledge in implementing Web Content Accessibility Guidelines (WCAG) 2.2 AA standards, assistive technologies, and integrating digital accessibility seamlessly
Knowledge of accessibility best practices

Responsibilities

Create, tune, and enforce Web Application Firewall (WAF) policies across global eCommerce sites
Continuously evaluate and adapt ingress security policies based on the evolving threat landscape
Mature our client-side evaluation and fingerprinting capabilities
Assess and manage protection strategies during active cyber-attacks
Control and monitor scripted traffic across all digital properties
Collaborate with network and site reliability teams to secure all ingress points
Build, deploy, and manage security infrastructure and operations to support overall web security