Principal IAM & Web Security Engineer

Overview Are you ready to be the primary defender of the digital experience and commerce ecosystem for a global leader in scientific discovery? Waters is seeking a Security Lead—an expert in application, and operational security—to ensure the health, integrity, and compliance of our mission-critical platforms. This is more than a security compliance job; it's a chance to embed security "left-of-boom" (in the development pipeline) while maintaining robust operational defenses against threats to our global digital backbone. You will be the technical authority ensuring our solutions scale globally and perform flawlessly, all while remaining secure. Responsibilities Implement and manage Web Application Firewalls (WAF) and security policies, focusing on policy tuning, bot management, and rule optimization. Align IAM configs & controls to meet compliance, and security requirements Lead and execute secure code reviews, application penetration testing, and dynamic application security testing (DAST) to proactively identify vulnerabilities in the engineering lifecycle. Serve as the subject matter expert on Application Security best practices, including the OWASP Top 10, secure coding standards, and API security. Identify and track vulnerabilities across applications, coordinating remediation efforts and ensuring timely patching and risk prioritization based on business impact. Manage user provisioning, Role-Based Access Control (RBAC), and privileged access management (PAM). Enforce strong authentication mechanisms, including multi-factor authentication (MFA) and the principle of least privilege across all digital environments. Qualifications 3+ years of experience in a program lead role with hands-on experience in Okta/Azure AD 5+ years of experience in implementing and managing

WAF & CDN

solutions using platforms such as Akamai/Cloudflare Strong knowledge of identity protocols (SAML, OAuth2, LDAP, OpenID Connect) Expert-level knowledge of RBAC, MFA, privileged access management, and identity governance. Experience in OWASP Top 10, secure coding, DAST/SAST and API security Proven experience in risk prioritization, remediation planning, and use of enterprise vulnerability scanning tools. Strong scripting or automation skills (e.g., PowerShell, Python) Hands-on experience with WAF management, SOC workflows, SIEM tools, and log analysis for threat detection.

Certifications:

Possession of the CISSP (Certified Information Systems Security Professional) is highly preferred. Company Description Waters Corporation (

NYSE:

WAT) is a global leader in life sciences and diagnostics, dedicated to accelerating the benefits of pioneering science through analytical technologies, informatics, and service. With a focus on regulated, high-volume testing environments, our innovative portfolio harnesses deep scientific expertise across chemistry, physics, and biology. We collaborate with customers around the world to advance the release of effective, high-quality medicines, ensure the safety of food and water, and drive better patient outcomes by detecting diseases earlier, managing routine infections, and combating antibiotic resistance. Through a shared culture of relentless innovation, our passionate team of ~16,000 colleagues turn scientific challenges into breakthroughs that improve lives worldwide. Diversity and inclusion are fundamental to our core values at Waters Corporation. It benefits our employees, our products, our customers and our community. Waters complies with all applicable federal, state, and local laws. Qualified applicants are considered without regard to sex, race, color, ancestry, national origin, citizenship status, religion, age, marital status (including civil unions), military service, veteran status, pregnancy (including childbirth and related medical conditions), genetic information, sexual orientation, gender identity, legally recognized disability, domestic violence victim status, or any other characteristic protected by law. Waters is proud to be an equal opportunity workplace and is an affirmative action employer. All hiring decisions are based solely on qualifications, merit, and business needs at the time. Key Words WAF, CDN, IAM, Akamai, Application Security