Contract: Security Engineer - WAF Tuning Start Date: ASAP Duration: 3 months (extendable) Location: Hybrid (On site in Sheffield / Birmingham or Edinburgh 3 days a week) Rate: Negotiable depending on experience (deemed inside IR35) Reference: 19542 **The primary role is to tune WAF accurately and safely**

Immediate contract for experienced WAF engineers to help augment the internal Efficacy and Security Engineering teams with hands-on consultancy focused on WAF tuning and efficacy testing across F5 and cloud-native WAFs (covering at least two out of three major CSPs: AWS, Azure, GCP). A focus on tuning rules, analysing data, reducing false positives, and validating control efficacy in production-like conditions.

Scope Includes: SOC / Threat / Forensics or CSIRT backgrounds - very experienced with analysing security logs to quickly ascertain TP/FP conviction and the techniques to except Ideally some AppSec / DevSecOps or Ethical Hacking experience - need a good understanding of Web Application attacks and security; they must have deep knowledge of the OWASP Top 10 If they have Han...