4 of 4 Application Security Jobs in Birmingham

Job Title: WAF & Application Security SME Location: Birmingham (Hybrid - 60% office/40% home, 3 days in the office mandatory) Salary/Rate: £480 Per Day - Inside IR35 Start Date: 15/09/2025 End Date: 15/09/2026 Job Type: Contract Company Introduction We have an exciting opportunity for a skilled Web Application Firewall (WAF) & Application Security Subject Matter Expert to join a high-profile programme. This role is pivotal in enhancing and tuning WAF solutions across a variety of applications to improve security posture and protect against advanced web-based threats. Job Responsibilities/Objectives You will be responsible for designing, testing, tuning, and implementing advanced WAF configurations … WAF management, tuning, and engineering, with a strong understanding of web application security principles. Proven ability to proactively identify and mitigate false positives. Background in SOC, CSIRT, AppSec, or Ethical Hacking with hands-on log analysis experience. Proficiency in analysing traffic patterns using tools such as Splunk, Wireshark, or custom scripts. Experience working with at least three major More ❯

Security Development & Test Director 6 Months Hybrid - Birmingham 2 days per week on site £800 per day (Inside IR35) We are currently recruiting for a dynamic Security Development and Test Director to join our growing Security team. This is a great opportunity for you to play a pivotal role in helping to shape our client's transformation … journeys. *** Please note - The selected candidate must be eligible for UK Security Clearance *** The Security Development and Test Director is responsible for overseeing the secure software development lifecycle, security testing, and DevSecOps practices at both strategic and operational levels. The role ensures the effectiveness of security practices in software development, manages security testing, drives operational … maturity improvements, and oversees secure coding practices. Operating at SFIA Level 6, the role requires the initiation, definition, and oversight of high-impact security development and testing activities. The Director is responsible for aligning security initiatives with business objectives and ensuring the organisation's resilience against evolving threats. Using your background in managing complex development and testing programs More ❯

cover WAF tuning via detailed log analysis, false positive detection and mitigation, and making tuning and configuration recommendations. The ideal candidate will have experience in SOC or CSIRT and AppSec or Ethical Hacking for in-depth log analysis and have previously worked with at least three major WAF vendors such as Akamai, F5, AWS, GCP, etc. The successful candidate will … SOC/Threat/Forensics or CSIRT backgrounds - very experienced with analysing security logs to quickly ascertain TP/FP conviction and the techniques to except Ideally some AppSec/DevSecOps or Ethical Hacking experience - with a good understanding of Web Application attacks and security; they must be familiar with the OWASP Top 10 If they have … strong understanding of web application security principles. Proven track record of proactively identifying and mitigating false positives to optimize WAF performance. Background in SOC or CSIRT and AppSec or Ethical Hacking, demonstrating hands-on experience for the key responsibilities. Proficiency in log analysis tools and techniques, with the ability to identify patterns and anomalies in web traffic. Experience More ❯

Java, Spring and interaction with MongoDB. It requires the candidate to be familiar with distributed services, testing, system monitoring and reporting, and the complete SDLC process. Any experience in application security will be preferred. This role offers the opportunity to work with a best-in-class team of engineers building the next generation onboarding platform for PWM business. More ❯