WAF SME
About the Role
We are seeking a highly skilled WAF Engineer to join our security engineering team and take responsibility for the configuration, tuning, monitoring, and optimisation of our Web Application Firewall (WAF). The successful candidate will work closely with developers, security analysts, and infrastructure teams to ensure applications remain protected against advanced web threats while minimising false positives and supporting business operations.
This role requires deep hands-on expertise in WAF technologies, advanced knowledge of application security threats (OWASP Top 10, XSS, SQLi, XXE, etc.), and the ability to fine-tune WAF rules without compromising overall security posture.
Key Responsibilities
- Configure, manage, and tune WAF rules to balance strong security controls with minimal false positives.
- Collaborate with development teams to create precise parameter-level exceptions and avoid unnecessary rule suppression.
- Monitor WAF logs, identify potential threats, and respond to security incidents in real time.
- Analyse traffic patterns and investigate anomalies, such as spikes in error codes or unusual request behaviour.
- Develop and implement strategies to mitigate attacks, including automated threats, scraping, path traversal, XXE, and SQL injection.
- Document WAF policies, exceptions, and processes, ensuring knowledge is shared across the team.
- Partner with security operations, SOC analysts, and developers to ensure the WAF is aligned with application updates and new releases.
- Support threat modelling, security testing, and vulnerability assessments with a WAF focus.
Required Skills & Experience
- Strong expertise with Web Application Firewalls (e.g., F5 ASM/Advanced WAF, Imperva, Akamai Kona, Cloudflare, AWS WAF, Azure WAF).
- Deep understanding of OWASP Top 10 and web attack techniques, including XSS, SQLi, XXE, SSRF, and path traversal.
- Hands-on experience tuning WAFs to allow business functionality while preventing exploitation.
- Solid knowledge of HTTP, HTTPS, XML, JSON, REST APIs, and web application behaviours.
- Experience in analysing logs and traffic anomalies to detect attacks or misconfigurations.
- Familiarity with secure SDLC processes and working with DevOps teams.
- Strong communication and stakeholder management skills.
- Certifications such as GIAC GWAPT, CEH, OSWE, or vendor-specific WAF certifications are desirable.
- Company
- Talent Smart Limited
- Location
- Sheffield, Yorkshire, United Kingdom S5 9
- Employment Type
- Contract
- Salary
- GBP Annual
- Posted