WAF & Application Security SME en TestYantra Software Solutions

Role: WAF & Application Security SME

Employment: Contract - Inside IR35

Location: Birmingham, UK (Hybrid)

Skills:

• Identification and crafting of complex custom WAF rules & features to mitigate MVP and security posture gaps
• Crafting efficacy testing for baseline & custom rules and features and integrating testing in the automation pipelines
• Providing SME support for other security testing such as WAF PoCs, new features and solutions – with a potential cost saving if we use in-house resource instead of 3rd party vendors
• Providing WAF focused SME support and advice on Web & API based attack methodologies, evasions and mitigation techniques
• Providing DevSecOps SME & pipeline build support for the automation works
• Monitor and review all tuning requests.
• Conduct detailed log analysis to identify false positives and optimize WAF rules for improved accuracy and performance.
• Create and maintain comprehensive documentation for WAF tuning, tuning procedures, policies, and configurations.
• Develop, test, and recommend WAF policies and rules tailored to specific applications and environments.
• Proactively assist with identifying false positives
• Collaborate with cross-functional teams to ensure seamless integration of WAF solutions into existing security infrastructure.
• Provide recommendations for WAF configuration based on best practices and security requirements.
• Perform regular assessments and audits of WAF configurations to ensure optimal security posture and compliance with industry standards.
• Stay updated with the latest web security threats, vulnerabilities, and trends to continually enhance WAF effectiveness.