WAF Engineer at WWT EMEA UK LIMITED, Remote, 6 Months+, £Contract Rate

  • Contract Spy
  • Remote
  • Apr 03, 2024
6 Months or more

Contract Description

Published: 10 hours ago

World Wide Technology (WWT), a global technology integrator and supply chain solutions provider. WWT employs more than 7000 people worldwide and operates in more than 2 million square feet of state-of-the-art warehousing, distribution, and integration space strategically located throughout the world. WWT is ranked on Glassdoor Best Places to Work for 12 years in a row and featured on Fortune’s 100 Best Companies to Work For list for 8 years in a row.


This is a Contract Role

Contract Duration: 6 months extendable

Location: UK,(100% Remote)

Inside IR 35

Job Description:

This role will play a critical role in enhancing our Web Application Firewall (WAF) across multiple solutions and applications and will be pivotal in crafting, testing, and implementing advanced WAF solutions.

This role involves a strong focus on developing robust security measures against web-based attacks, contributing significantly to the security posture of organization.

Experience: 8+ years

Key Responsibilities:

  • Develop and refine complex custom WAF rules and features, ensuring mitigation of Minimum Viable Product (MVP) and security posture gaps.
  • Coding expertise to create effective testing mechanisms for baseline and custom WAF rules, integrating these tests seamlessly into automation pipelines.
  • Offer subject matter expert (SME) support in various security testing areas, including WAF Proofs of Concept (PoCs)
  • Provide specialized WAF-focused advice on web and API attack methodologies, evasions, and mitigation techniques, leveraging your ethical hacking background.
  • Contribute to DevSecOps / DevOps with security testing expertise to enhance the automation aspects of the project

Key Accountabilities:

  • Utilize ethical hacking skills to safeguard the organization from web-based attacks, ensuring the protection of operations, reputation, and customer trust.
  • Conduct in-depth technical evaluations of WAF solution rulesets, focusing on detection and prevention of web and API security threats.
  • Develop custom WAF rules and features, addressing gaps and enhancing overall security measures.
  • Identify and counter technical strategies that bypass WAF solutions.
  • Design and implement testing protocols to evaluate the effectiveness of various security initiatives, including WAF rules and new features.
  • Facilitate the integration of testing procedures into CI/CD pipelines
  • Reverse-engineer attacker tactics to create effective mitigation rules.
  • Maintain and secure essential documentation and reports, ensuring traceability and compliance.
  • Inform the EPS Management team about emerging threats and vulnerabilities, recommending countermeasures.
  • Communicate effectively with a range of stakeholders, providing updates on security-related matters