Senior Security Engineer

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.

Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

At F5, security is at the heart of everything we do. We are seeking a Senior Security Engineer. Join a team using leading edge security technology and processes to protect the F5 enterprise and product environments. The Sr. Security Engineer position will develop and implement strategic processes and build technical solutions to enable our information security program and continuously improve our security posture amidst the industry’s evolving technology landscape.

Primary Responsibilities

• Work with a team of security engineers to deliver on organizational related to threat modeling, DevSecOps pipelines, and penetration testing activities.
• Identify execution of strategic threat-modeling initiatives to identify potential risks to confidentiality, integrity, and availability across enterprise and product environments.
• Leverage native Azure, GCP, and AWS cloud services to automate and improve existing security and control activities.
• Implement DevSecOps practices, enabling seamless integration of security into CI/CD pipelines and infrastructure-as-code strategies.
• Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threats.
• Perform technical security assessments against F5aaS product and enterprise cloud hosted, virtual, and on-premise systems including static and dynamic analysis, and threat modeling.
• Review and test changes to services, applications, and networks for potential security impacts.
• Manage penetration and segmentation testing of F5 applications and networks.
• Review changes to and ongoing operations of enterpise environments and supporting systems for security and compliance impacts.
• Build and implement new security controls, processes and tools.
• Collaborate with Architecture, Site Reliability Engineering and Operations teams to develop and implement technical solutions and security standards.
• Configure industry standard security testing/scanning tools (network scanning, code scanning, posture management).
• Advise enterprise stakeholders on security best practices and secure design principles.
• Implement, design, develop, administer, and manage enterprise security tooling.

Knowledge, Skills and Abilities

• Expertise in Threat Modeling methodologies and tools (e.g., STRIDE, DREAD, PASTA).
• Strong understanding of DevSecOps principles and proficiency in integrating security into CI/CD pipelines with tools such as Ansible, Terraform, Jenkins, or Artifactory.
• Ability to script in multiples languages (Go, Rust, Python, Ruby, etc.) and experience building scripts for process improvements and automation.
• In-depth knowledge of penetration testing frameworks and tools (e.g., Metasploit, Burp Suite, Qualys).
• Hands-on technical knowledge of cloud platforms (Azure, AWS, Google Cloud Platform) and cloud-native security practices.
• Technical knowledge and extensive hands-on experience with security and networking architecture, networking protocols, network security design, wireless security, intrusion prevention/detection, and firewall architecture.
• Experience automating security testing and reporting outputs.
• Knowledge or familiarity with technological stack (Big-IP, Azure, AWS, GCP, CentOS, Linux, Kubernetes, Docker Hashicorp Vault, Palo Alto, Cisco, Qualys).
• Experience assessing and implementing technical security controls.
• Exposure to DevOps tooling, CI/CD pipelines, container orchestration, and infrastructure as code approach (e.g. Puppet, Chef, Ansible, Terraform, Jenkins, CircleCI, Artifactory, Git).
• Strong written and verbal communication skills.
• Experience with network and application vulnerability and penetration testing tools.
• Willingness to innovate and learn new technologies.
• Excellent interpersonal and relationship skills with a collaborative mindset.
• Strong written and verbal communication skills.
• Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism.
• Agile, tactful, and proactive attitude that can manage prioritization and know when to escalate.

Qualifications

• B.S. or M.S. in Computer Science, Engineering, or related field, or equivalent experience
• 5 years of progressive responsibility in a security organization
• 2-6 years of relevant security engineering or network security experience

The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

The annual base pay for this position is: $140,800.00 - $211,200.00

F5 maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, geographic locations, and market conditions, as well as to reflect F5’s differing products, industries, and lines of business. The pay range referenced is as of the time of the job posting and is subject to change.

You may also be offered incentive compensation, bonus, restricted stock units, and benefits. More details about F5’s benefits can be found at the following link: https://www.f5.com/company/careers/benefits. F5 reserves the right to change or terminate any benefit plan without notice.