Overview

WAF & Application Security SME Contract: 6 Months. Day Rate: £650 (Inside IR35). Location: Fully Remote (UK-based).

Responsibilities

• Design and implement custom WAF rules to address security gaps
• Conduct detailed log analysis to identify and mitigate false positives
• Support DevSecOps pipeline integration and automation of efficacy testing
• Advise on web/API attack vectors and mitigation strategies
• Provide SME input on WAF PoCs, new features, and cost-effective solutions
• Maintain clear documentation of tuning procedures and configurations

Experience Required

• Strong background in SOC, AppSec, or Ethical Hacking
• Deep understanding of OWASP Top 10 and web security principles
• Hands-on experience with WAF platforms (e.g. Akamai, F5, AWS, GCP)
• Skilled in log analysis tools (e.g. Splunk, Wireshark)
• Excellent problem-solving and communication skills