Overview
Our client is strengthening its global security posture and is seeking an experienced WAF Specialist to join a high-impact cybersecurity team. This role is focused on accurate, safe WAF tuning — ensuring protection against web and API-based attacks without disruption or bypass.
What you’ll do
* Tune and optimise WAF rules to reduce false positives and improve accuracy.
* Analyse logs to quickly distinguish between true/false positives and recommend fixes.
* Develop custom WAF rules & features to close security gaps.
* Design and execute efficacy testing, integrating into automation & CI/CD pipelines.
* Provide SME support on WAF PoCs, new features, and DevSecOps integration.
* Document WAF configurations, policies, and procedures to best practice standards.
* Stay ahead of evolving attack methodologies and recommend proactive mitigations.
What we’re looking for
* Strong SOC, CSIRT, Threat, or Forensics background — expert in log analysis.
* Knowledge of Web App Security & OWASP Top 10; ideally AppSec/DevSecOps or Ethical Hacking experience.
* Skilled with at least three WAF platforms (e.g., Akamai, F5, AWS, GCP).
* Hands-on experience with Splunk, Wireshark, or scripting for log analysis.
* Ability to engineer safe, effective WAF tuning in complex, large-scale environments.
* Strong communicator able to engage technical and non-technical teams.
Seniority level
* Mid-Senior level
Employment type
* Contract
Job function
* Information Technology
Industries
* IT Services and IT Consulting and Financial Services
#J-18808-Ljbffr