2 of 2 Application Security Jobs in South Yorkshire

be with senior stakeholders from Business, Cloud, Compliance, and Cyber teams, along with Project Managers, focusing on risk identification, status reporting, and escalation. Skills Required Extensive experience with Web Application Security log analysis, preferably from a Cyber SOC/CSIRT background, with a willingness to upskill into WAF Engineering SME across CN WAF (AWS, Azure, GCP, Modsec) and … with multiple WAF solutions for edge, cloud, and on-premise deployments. Strong experience with cloud services and their WAF controls, including AWS, Azure, and GCP. Deep understanding of web application security attack methods and mitigations. Proficiency in WAF tuning, configuration, and web security principles. Ability to develop custom WAF rules and features to address security gaps. … Capability to design and document bespoke WAF processes, underpinned by web security expertise. Analytical skills to review and align platforms with MVP and Baseline Configurations. Support for DevSecOps pipeline automation. Familiarity with IDAM protocols and access control for WAF management. Knowledge of HTTPS inspection, including termination and certificate management. Experience with rate limiting techniques and integration. Experience with version More ❯

About the Role We are seeking a highly skilled WAF Engineer to join our security engineering team and take responsibility for the configuration, tuning, monitoring, and optimisation of our Web Application Firewall (WAF). The successful candidate will work closely with developers, security analysts, and infrastructure teams to ensure applications remain protected against advanced web threats while … minimising false positives and supporting business operations. This role requires deep hands-on expertise in WAF technologies, advanced knowledge of application security threats (OWASP Top 10, XSS, SQLi, XXE, etc.), and the ability to fine-tune WAF rules without compromising overall security posture. Key Responsibilities Configure, manage, and tune WAF rules to balance strong security controls … with minimal false positives. Collaborate with development teams to create precise parameter-level exceptions and avoid unnecessary rule suppression. Monitor WAF logs, identify potential threats, and respond to security incidents in Real Time. Analyse traffic patterns and investigate anomalies, such as spikes in error codes or unusual request behaviour. Develop and implement strategies to mitigate attacks, including automated threats More ❯