
AWS WAF Security Engineer

"All candidates must be directly contracted by ASK Consulting on their payroll and cannot be subcontracted. We are unable to provide sponsorship at this moment".

Job Title: AWS WAF Security Engineer
Location: Hybrid - Bloomfield, CT
Duration: 9+ Months contract
PR: $70 on W2

Job Description:

This role is a hands-on cloud and application security engineering position focused on modernizing and operating AWS WAF, API security, and application security posture at scale. The work emphasizes automation, policy as code, AI-assisted analysis, and operational execution, with minimal emphasis on leadership or executive engagement.

The contractor will design, build, tune, and operate AWS WAF and API security capabilities, migrate WAF policy management to GitHub-based CI/CD, enhance visibility through AWS Security Lake, and automate remediation workflows to reduce manual effort and improve detection fidelity.

Primary Responsibilities:

- Implement, operate, and tune AWS WAF, Firewall Manager, Shield Advanced, and related AWS security services.
- Migrate and maintain AWS WAF policies as code using GitHub SaaS, including CI/CD workflows, versioning, testing, and rollback.
- Build automation (Terraform, Python) to deploy, manage, and validate WAF and application security controls at scale.
- Integrate WAF, API, and application security telemetry into AWS Security Lake to support detection, investigation, and analytics.
- Apply AI-assisted techniques to:
  - Reduce WAF false positives
  - Improve rule tuning and coverage
  - Accelerate threat detection and log analysis
- Develop automation and scripts to produce actionable outputs from the API Ownership Framework, improving visibility and accountability.
- Evaluate and enhance application security posture management (ASPM) and API ownership across cloud-native applications.
- Define and implement No name remediation requirements, ensuring API posture findings are prioritized, actionable, and consumable by engineering teams.
- Support day-to-day operations of cloud and application security tooling, including troubleshooting, optimization, and routine automation.
- Partner directly with application and platform engineers to integrate WAF, API, and application security controls into CI/CD pipelines.

Required Skills & Experience:

- Strong hands-on experience with AWS WAF operations and tuning
- Practical experience with policy as code and GitHub-based CI/CD pipelines
- Experience integrating security logs and findings into AWS Security Lake or similar platforms
- Hands-on experience with API security platforms (e.g., No name or equivalent)
- Strong automation skills using Terraform and Python
- Experience with application security posture management and cloud-native architectures (containers, serverless, microservices)
- Ability to translate security findings into clear, actionable remediation guidance

Experience & Education:

- Bachelor's degree in Computer Science or related field (or equivalent experience)
- 8+ years of hands-on security engineering experience, primarily in cloud, application, or API security
- AWS Security Specialty, GIAC Cloud Security Automation (GCSA) and/or CCSP preferred

About ASK:

ASK Consulting is an award-winning technology and professional services recruiting firm servicing Fortune 500 organizations nationally. With 5 nationwide offices, two global delivery centers, and employees in 42 states, ASK Consulting connects people with amazing opportunities.

ASK Consulting is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all associates.