Network Engineer
Posted 1 day ago by Lorien
Negotiable
Inside
Hybrid
London Area, United Kingdom
Summary: The WAF Engineer role focuses on implementing and optimizing Web Application Firewall technologies within Azure and AWS environments for an insurance client on a 6-month contract. The position requires strong technical leadership and collaboration skills to enhance security measures while ensuring seamless application delivery. The role is classified as inside IR35 and involves hybrid working arrangements with occasional travel to London. Candidates should have 3-5 years of hands-on experience in WAF technologies and a solid understanding of web application security protocols.
Key Responsibilities:
- Implement and optimize WAF technologies within Azure and AWS environments.
- Tune WAF policies and manage rule sets to improve security posture.
- Analyze logs and security telemetry to identify threats and drive remediation.
- Collaborate with AppDev, Cloud Engineering, and Security teams to enforce security controls.
- Guide teams in developing robust solutions and build strong stakeholder relationships.
Key Skills:
- 3-5 years of hands-on experience with WAF technologies (Azure WAF, AWS WAF).
- Strong understanding of HTTP/S protocols and Layer 7 security controls.
- Experience with WAF policy tuning and optimization.
- Familiarity with cloud networking constructs (VNets/VPCs, routing, load balancers).
- Knowledge of web application attack techniques (e.g., OWASP Top 10) and mitigation approaches.
- Experience with infrastructure-as-code and automation tools (Terraform, ARM, CloudFormation).
- Strong collaboration and technical leadership skills.
Salary (Rate): undetermined
City: London
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
WAF Engineer - Insurance
We are currently recruiting for a WAF Engineer with strong Web Application Firewall experience particularly within Azure / AWS environments to join one of our Insurance clients on a 6-month contract.
Inside IR35 / Hybrid – adhoc travel to London
The Requirements
- 3- 5 years hands-on experience implementing WAF technologies within Azure (Azure WAF / Front Door / App Gateway)
- Ideally similar experience in other cloud environments (Azure WAF / Front Door / App Gateway, AWS WAF, GCP Cloud Armor)
- Strong understanding of HTTP/S protocols and Layer 7 security controls (how WAF protects web traffic vs other network layers)
- Experience with WAF policy tuning and optimisation, including managing rule sets, handling false positives, and improving protection posture
- Familiarity with cloud networking constructs (VNets/VPCs, routing, load balancers, private endpoints, segmentation)
- Knowledge of common web application attack techniques (e.g. OWASP Top 10: injection, XSS, API abuse) and mitigation approaches
- Experience working with infrastructure-as-code and automation tools (Terraform, ARM, CloudFormation) for WAF deployment and policy management
- Ability to analyse logs and security telemetry (WAF logs, SIEM integration) to identify threats and drive remediation
- Exposure to firewalls, DDoS protection, and broader network security controls in cloud environments
- Strong collaboration skills, working with AppDev, Cloud Engineering, and Security teams to enforce controls without blocking delivery
- Proven technical leadership capability, including guiding teams in the development of robust solutions.
- Builds strong relationships by understanding and anticipating stakeholder needs, providing insightful and innovative solutions.
If this role is of interest and would like to know more, please apply now!