Cybersecurity Analyst

About

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.

Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

Primary Responsibilities

An individual contributor in the Cybersecurity department is chartered with supporting the company’s Cybersecurity program. Responsibilities include assisting with management and monitoring the company’s security risks, security compliance guidelines and controls, security awareness training, vulnerability management and development of best‑practice standards, policies and procedures. The individual will work with various functions throughout the enterprise to evaluate effectiveness of data governance and to maintain the security posture of the program.

• Responsible for upholding F5’s Business Code of Ethics and for promptly reporting violations of the Code or other company policies.
• Lead Data Governance Program
• Develop and implement data governance procedures for data security
• Partner with IT Engineering teams to develop tool‑based policy and scanning rules to ensure that responsible teams remediate findings from data security posture management (DSPM) scans.
• Operationalize alert response procedures to address unnecessary data storage, data access audits, and incident response in accordance with the Incident Response Plan.
• Assist with management of the vulnerability management program as it relates to Data Security
• Review and analyze highly complex remediation of findings.
• Monitor, notify and/or assist with remediation steps for identified vulnerabilities.
• Engage with stakeholders to address outstanding vulnerabilities.
• May assist with reporting on status of program to Cybersecurity Leadership or other management teams.
• Assist with audit, risk management, and compliance program
• Support and improve security, risk management, and control framework, including Secure Software Development Lifecycle and Data Security Posture Management
• Monitor internal compliance against information security governance frameworks by conducting routine testing and internal control reviews as well as enterprise security risk assessments
• Identify and communicate control gaps, evaluate management remediation action plans, and provide ongoing monitoring of resolution
• Execute annual assessment program including customer and external compliance assessments (ISO 27001/17/18, IT SOX, SOC 2, FedRAMP, HIPPA and PCI‑DSS) and required vulnerability assessment, including remediation activities
• Maintain awareness of external regulations and industry standards for new or modified requirements (FedRAMP, GDPR, PCI‑DSS, CCPA, NIST 800‑53, ISO 27001, etc.)
• Perform assessments of supporting third parties to evaluate current security posture and monitor ongoing adherence to F5’s information security requirements
• Performs other related duties as assigned.

Knowledge, Skills and Abilities

• Working knowledge of the Cyera Data Security Posture Management platform.
• Expert familiarity with systems and network infrastructure security technologies, including application/OS hardening techniques, network protocols, network & application firewalls, intrusion detection systems.
• Expert hands‑on familiarity with security risk‑assessment tools & techniques (vulnerability testing, penetration testing, social engineering, etc.)
• Excellent program/project management abilities.
• Recognizes that policies must be conceived and implemented in the context of a dynamic, customer‑oriented, for‑profit business environment.
• Excellent written & verbal communications; superior interpersonal, planning, documentation, organization, and problem solving skills.
• Expert ability to act independently; interface with people at all levels in the company, and take initiative to engage internal & external personnel/services to ensure effective & reliable systems.
• Proven initiative to engage internal & external personnel/services to ensure effective & reliable systems.
• Foreign language skills a plus.
• Proven experience influencing a team to achieve positive results.

Qualifications

• BS/BA or equivalent work experience in security related field
• 8+ years of relevant work experience
• 6+ years working experience as a security analyst or equivalent
• Industry relevant certifications such as CISSP, CRISC, CISA, CISM, CGEIT, etc.
• Knowledge with common compliance frameworks like the CIS Critical Controls, NIST SP800, ISO27001

Physical Demands and Work Environment

• Duties are performed in a normal office environment while sitting at a desk or computer table and have the ability to work remotely.
• Duties require the ability to utilize a computer, communicate over the telephone, and read printed material.
• Duties may require being on call periodically and working outside normal working hours (evenings and weekends).
• Duties may require the ability to travel via automobile or airplane, approximately 5% of the time spent traveling.

Benefits

• Work/life integration programs like Freedom to Flex
• Dynamic employee inclusion groups
• Paid maternity/paternity leave
• Tuition assistance for professional development
• Comprehensive mentoring program
• Rewards/recognition programs
• Additional benefits and programs detailed on the F5 careers site