Senior Manager, Web Protection

Senior Manager, Web Protection

Position Summary

The Senior Manager, Web Protection will lead the strategy, execution, and continuous improvement of web security and traffic protection across mission-critical digital platforms, including high-traffic and revenue-generating properties (e.g., eCommerce). This role operates within a large, global enterprise environment and is responsible for leading a distributed team across China, India, Mexico, and Costa Rica, while driving enterprise-scale programs and remediation efforts across 500+ product teams.

Key Responsibilities

• Lead and manage a globally distributed team, establishing a follow-the-sun model for 24/7 operations.
• Define and execute the enterprise web protection strategy, including WAF, bot mitigation, and traffic security.
• Drive large-scale remediation programs addressing web vulnerabilities, misconfigurations, and legacy risks across hundreds of applications.
• Provide technical leadership for: Akamai (preferred) or equivalent CDN/WAF platforms, Bot management solutions, NGINX-based architectures and Kubernetes environments.
• Establish and oversee DNS and domain governance, including routing, failover, and security practices.
• Ensure reliable and compliant web delivery in Mainland China, including ICP licensing and Great Firewall (GFW) considerations.
• Lead response to high-impact incidents affecting availability, performance, or security.
• Partner with Engineering, SRE, and Product teams to embed DevSecOps practices.
• Ensure alignment with PCI-DSS, SOC 2, and GxP compliance requirements.
• Manage strategic vendor relationships (e.g., Akamai) and drive tooling standardization.

Required Qualifications

• 10+ years of experience in web security, infrastructure, or application delivery.
• 5+ years of experience leading globally distributed technical teams.
• Proven experience leading enterprise-scale programs and remediation efforts across large, complex organizations.

Technical Expertise

• Strong hands-on experience with: Akamai (preferred) or equivalent CDN/WAF platforms, Bot management and mitigation, NGINX and modern traffic routing architectures, Kubernetes (K8s) environments.
• Deep understanding of: HTTP/HTTPS protocols, DNS and domain architecture, Web application security (OWASP Top 10).

Additional Requirements

• Experience supporting high-availability, revenue-critical platforms, such as eCommerce.
• Direct experience operating in Mainland China, including ICP licensing requirements and Great Firewall (GFW) constraints.
• Strong knowledge of PCI-DSS, SOC 2, and GxP compliance frameworks.
• Demonstrated ability to influence and drive change across large, federated organizations.

Key Competencies

• Global leadership and cross-cultural team management
• Enterprise-scale program execution
• Strong technical depth and decision-making ability
• Stakeholder management and executive communication
• Ability to operate effectively in high-pressure environments

What Success Looks Like

• Effective 24/7 global web protection operations
• Adoption of standards across 500+ product teams
• Measurable reduction in web security risk at scale
• Strong compliance posture across regulated environments
• High-performing, globally aligned team

Key skills/competency

• Web Security
• Traffic Protection
• WAF
• Bot Mitigation
• CDN
• DNS Management
• DevSecOps
• Compliance (PCI-DSS, SOC 2, GxP)
• Global Team Leadership
• Enterprise Program Management