WAF SME

PLEASE ONLY APPLY IF YOU CAN WORK 3 DAYS PER WEEK ONSITE IN SHEFFIELD

This role is central to strengthening and enhancing WAF capabilities across multiple applications. It involves designing, testing, and implementing advanced WAF configurations to improve security posture and detection efficacy.

Key responsibilities include building custom rules, analysing logs to fine-tune the WAF, mitigating false positives, and optimizing configurations. Ideal candidates should have a background in SOC, CSIRT, AppSec, or Ethical Hacking, with hands-on experience in at least three major WAF platforms such as Akamai, F5, AWS, or GCP.

Key Responsibilities

• Design and implement complex custom WAF rules to address security gaps.

• Develop and integrate efficacy testing for WAF rules into automation pipelines.

• Provide expert support for WAF proof-of-concepts, new features, and cost-saving in-house solutions.

• Offer security expertise on web and API-based attacks, evasions, and defenses.

• Contribute to DevSecOps automation and CI/CD pipeline integration.

• Review and act on tuning requests and WAF logs to identify and mitigate false positives.

• Maintain documentation for tuning activities, policies, and configurations.

• Develop WAF policies tailored to specific environments.

• Collaborate with teams to integrate WAF into the wider security infrastructure.

• Perform regular audits and ensure configurations align with best practices and compliance requirements.

• Stay informed on the latest web security threats and trends.

Key Accountabilities

• Protect web applications and data from attacks that could harm operations, reputation, or customer trust.

• Analyze WAF rulesets and features to ensure they meet defined baselines and maximize threat detection.

• Identify and resolve bypass techniques and evasions used by attackers.

• Build and test mitigation rules based on real-world attack scenarios.

• Automate testing procedures and integrate them into DevOps workflows.

• Reverse-engineer exploits when necessary to craft defense rules.

• Document all tuning procedures and maintain up-to-date configuration standards.

• Provide actionable recommendations based on evolving threat landscapes.

Ideal Candidate Profile

• Strong hands-on experience in WAF engineering, tuning, and operations.

• Proven ability to identify and mitigate false positives.

• Background in SOC/CSIRT, Application Security, or Ethical Hacking.

• Skilled in log analysis tools (eg, Splunk, Wireshark) and Scripting for traffic review.

• Experience with multiple WAF platforms (eg, Akamai, F5, AWS, GCP).

• Strong analytical skills and attention to detail.

• Excellent communication skills for both technical and non-technical audiences.

• Able to craft and implement WAF policies specific to diverse applications.

• Familiar with integrating WAF into broader security frameworks.

• Proactive and up-to-date on current web security trends and threats.