Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Tune WAF policies to enhance web application security and prevent outages.
- Company: Join a forward-thinking company focused on cybersecurity excellence.
- Benefits: Fully remote role with competitive pay and opportunities for growth.
- Why this job: Make a real difference in web security while working with cutting-edge technology.
- Qualifications: Experience in SOC, threat analysis, and web application security is essential.
- Other info: Collaborative environment with a focus on continuous learning and development.
The predicted salary is between 36000 - 60000 £ per year.
We are seeking a highly skilled and security-focused professional to take ownership of Web Application Firewall (WAF) tuning. The primary responsibility is to ensure WAF configurations are accurate and safe-preventing outages and avoiding bypass scenarios. This is a hands-on role requiring deep expertise in threat analysis and web application security.
Key Responsibilities:
- Precisely tune WAF policies to balance protection and availability.
- Analyse security logs to identify true positives, false positives, and tuning opportunities.
- Collaborate with SOC, CSIRT, and engineering teams to improve detection and response.
- Apply deep understanding of web application threats and OWASP Top 10 vulnerabilities.
- Develop and implement exception strategies without compromising security posture.
Required Experience:
- Strong background in SOC, Threat Intelligence, Forensics, or CSIRT
- Proven ability to analyse logs and security events with speed and accuracy.
- Experience in identifying and validating threat patterns and tuning techniques.
- Solid understanding of Web Application Security
- Familiarity with OWASP Top 10 and common attack vectors.
- Experience in AppSec, DevSecOps, or Ethical Hacking is highly desirable.
Bonus Skills:
Security Engineering experience (e.g., building detection rules, automation, or infrastructure hardening).
Ideal Candidate Profile:
- Analytical mindset with a passion for precision in security controls.
- Able to work independently and collaboratively in a fast-paced environment.
- Strong communication skills to explain technical findings to non-technical stakeholders
The role can be fully remote. Applicants must be able to engage through a UK umbrella company, contract will be inside IR35.
#J-18808-Ljbffr
WAF Tuning & Security Analyst employer: I-confidential
Contact Detail:
I-confidential Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land WAF Tuning & Security Analyst
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, join relevant forums, and attend webinars. You never know who might have the inside scoop on job openings or can refer you directly.
✨Tip Number 2
Show off your skills! Create a portfolio or a blog where you can share your insights on WAF tuning and security analysis. This not only showcases your expertise but also helps you stand out from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on common questions related to web application security and OWASP Top 10 vulnerabilities. Practise explaining complex concepts in simple terms – it’ll impress those non-techie interviewers!
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of opportunities that might just be the perfect fit for you. Plus, it’s a great way to ensure your application gets seen by the right people.
We think you need these skills to ace WAF Tuning & Security Analyst
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with WAF tuning and web application security. We want to see how your skills align with the job description, so don’t be shy about showcasing your relevant achievements!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about web application security and how your background makes you the perfect fit for this role. We love seeing enthusiasm and a personal touch.
Show Off Your Analytical Skills: Since the role requires a strong analytical mindset, make sure to include examples of how you've successfully analysed security logs or tuned WAF policies in the past. We’re looking for those precise details that demonstrate your expertise!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy – just a few clicks and you’re done!
How to prepare for a job interview at I-confidential
✨Know Your WAF Inside Out
Make sure you have a solid understanding of Web Application Firewalls and their configurations. Brush up on the OWASP Top 10 vulnerabilities and be ready to discuss how you would tune WAF policies to balance protection and availability.
✨Log Analysis is Key
Prepare to talk about your experience with analysing security logs. Be specific about how you've identified true positives and false positives in the past, and think of examples where your tuning efforts led to improved security outcomes.
✨Collaboration is Crucial
This role involves working closely with SOC, CSIRT, and engineering teams. Be ready to share examples of how you've collaborated with different teams in previous roles, and how that teamwork has enhanced security measures.
✨Communicate Clearly
You’ll need to explain technical findings to non-technical stakeholders. Practice simplifying complex concepts and think of ways to convey your ideas clearly and effectively during the interview.