Contract: WAF Engineer with F5
Start date: ASAP
Duration: 6 months (extendable)
Rate: £600-680 a day (deemed Inside IR35)
Location: UK based – remote work
Contract for an experienced WAF Security Engineer who can set up and configure rules, read and write policies using F5 and F5 technologies. Working for a consultancy providing WAF services to a global Tier 1 Banking client. Working in programme which aims to deploy WAF solutions on all banks domain/names covering internet-facing and the internal web applications in order to meet the Bank’s regulatory requirement.
You will also be responsible for servicing existing and new requests for WAF, dealing with service issues and managing a number of requests at one time that will mean working closely with the Change Teams and other stakeholders to resolve any issues so that implementation can be as seamless as possible.
Ideal Engineer skills:
•Extensive experience with Web Application Security log analysis and that is derived from a Cyber SOC/CSIRT work background who is willing to up-skill into a WAF Engineering SME – Akamai Or F5 BIG-IP / NGNIX+ Or AVIWAF Or CSPs (AWS/Azure/GCP)
* CORE SKILLS/TECHNICAL REQUIREMENTStrong experience with multiple WAF solutions for edge, cloud, and on-premise
* Strong experience with cloud services and their WAF controls, ideally including one or more WAF vendor experience.
* Strong understanding of Web Application security attack methods and mitigations
* Proficiency in WAF tuning and configuration, coupled with a strong foundation in web security principles and practices.
* Develop custom WAF rules and features, addressing gaps and enhancing overall security measures.
* Capability to design and implement bespoke WAF processes and documentation, underpinned by a thorough understanding of web application security.
* Analytical skills to review and align platforms with MVP and Baseline Configurations, leveraging a deep knowledge of WAF functionalities and limitations.
* Providing DevSecOps pipeline maintenance support for the automation works
* Familiarity with IDAM protocols and access control measures for WAF management, informed by strong web security knowledge.
* Understanding of HTTPS inspection, including Termination and Certificate management, grounded in robust web security practices.
* Experience in rate limiting techniques and their integration into security configurations
* Experience of version control and update mechanisms for WAF solutions
* Competency in identifying and documenting platform and organizational logging options, with a focus on security implications and cloud environments.
* Experience interfacing with SOC during WAF related security incidents.
Don’t miss out on this opportunity and apply now!
Equal opportunities:
NP Group is committed to equality of opportunity for all employees and applications from individuals are encouraged regardless of sex, race, marital status, disability, age, part-time or fixed-term contract status, sexual orientation, or religion. NP Group is committed to promoting a diverse and inclusive environment, a place where we can all be ourselves and succeed on merit. We offer flexible working arrangements and are committed to providing our employees with a good work/life balance.