Security Engineer - WAF SME
New Today
**The primary role is to tune WAF accurately and safely**
Immediate contract for experienced WAF engineers to help
augment the internal Efficacy and Security Engineering teams with
hands-on consultancy
focused on
WAF tuning
and
efficacy testing
across
F5
and
cloud-native WAFs
(covering at least
two out of three
major CSPs: AWS, Azure, GCP). A focus on tuning rules, analysing data, reducing false positives, and validating control efficacy in production-like conditions.
Scope Includes:
SOC / Threat / Forensics or CSIRT backgrounds - very experienced with analysing security logs to quickly ascertain TP/FP conviction and the techniques to except Ideally some AppSec / DevSecOps or Ethical Hacking experience - need a good understanding of Web Application attacks and security; they must have deep knowledge of the OWASP Top 10 If they have Hands-on tuning experience
with F5. Custom rule creation , OWASP rule tuning (especially for F5), false positive reduction. Log analysis
and data-driven tuning based on real traffic. Support for
cloud-native WAF tuning
(all three Cloud providers) -not deployment or infra setup. Efficacy testing
in partnership with the internal team - recommend adjustments based on findings. Well-rounded profiles
with real-world exposure -not theoretical or solely vendor-trained. Security Engineering skills too, this a bonus Background check completion prior to contract commencement will be required
Must be eligible to work in UK for duration of the project
Networking People (UK) is acting as an Employment Business in relation to this vacancy.
TPBN1_UKTJ
- Location:
- United Kingdom
- Category:
- IT