Key Responsibilities
* Identification and crafting of complex custom WAF rules & features to mitigate MVP and security posture gaps
* Crafting efficacy testing for baseline & custom rules and features and integrating testing in the automation pipelines
* Providing SME support for other security testing such as WAF PoCs, new features and solutions – with a potential cost saving if we use in-house resource instead of 3rd-party vendors
* Providing WAF-focused SME support and advice on Web & API-based attack methodologies, evasions and mitigation techniques
* Providing DevSecOps SME & pipeline build support for the automation works
* Monitor and review all tuning requests.
* Conduct detailed log analysis to identify false positives and optimize WAF rules for improved accuracy and performance.
* Create and maintain comprehensive documentation for WAF tuning, tuning procedures, policies, and configurations.
* Develop, test, and recommend WAF policies and rules tailored to specific applications and environments.
* Proactively assist with identifying false positives.
* Collaborate with cross-functional teams to ensure seamless integration of WAF solutions into existing security infrastructure.
* Provide recommendations for WAF configuration based on best practices and security requirements.
* Perform regular assessments and audits of WAF configurations to ensure optimal security posture and compliance with industry standards.
* Stay updated with the latest web security threats, vulnerabilities, and trends to continually enhance WAF effectiveness.
Job Type: Freelance
Pay: £450.00-£470.00 per day