Overview

WAF & Application Security SME — Contract: 6 Months. Day Rate: £650 (Inside IR35). Location: Fully Remote (UK-based).

We’re seeking a skilled WAF & Application Security Specialist to join a key client engagement. This role focuses on enhancing Web Application Firewall (WAF) capabilities across multiple platforms, with a strong emphasis on efficacy testing, rule creation, and tuning.

Key Responsibilities

• Design and implement custom WAF rules to address security gaps
• Conduct detailed log analysis to identify and mitigate false positives
• Support DevSecOps pipeline integration and automation of efficacy testing
• Advise on web/API attack vectors and mitigation strategies
• Provide SME input on WAF PoCs, new features, and cost-effective solutions
• Maintain clear documentation of tuning procedures and configurations

Experience Required

• Strong background in SOC, AppSec, or Ethical Hacking
• Deep understanding of OWASP Top 10 and web security principles
• Hands-on experience with WAF platforms (e.g. Akamai, F5, AWS, GCP)
• Skilled in log analysis tools (e.g. Splunk, Wireshark)
• Excellent problem-solving and communication skills