F5 F5 application services ensure that applications are always secure and perform the way they should—in any environment and on any device.At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.
Join our security engineering team focused on creating internal vulnerability management tools for F5. We use various industry-standard scanning tools and need individuals skilled in these tools and proficient in Python automation. You'll integrate findings into a central system, automate workflows, and publish tickets, helping teams manage vulnerabilities efficiently. This role provides a chance to significantly enhance F5's security posture.
Primary Responsibilities Build and implement new security controls, processes and tools.Identify organizational risks to confidentiality, integrity, and availability, and determine appropriate mitigations.Leverage native Azure, GCP, and AWS cloud services to automate and improve existing security and control activities.Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threats.Perform technical security assessments against product and enterprise cloud hosted, virtual, and on-premise systems including static and dynamic analysis, and threat modeling.Review and test changes to services, applications, and networks for potential security impacts.Collaborate with Architecture, Site Reliability Engineering and Operations teams to develop and implement technical solutions and security standards.Stay abreast on security best practices and secure design principles.Review changes to and ongoing operations of enterprise environments and supporting systems for security and compliance impacts.Assist in incident detection and response efforts.Implement zero-trust patterns with cloud agnostic tools to support enterprise business units.Implement, design, develop, administer, and manage enterprise security tooling.Knowledge, Skills and Abilities Experience working with high-availability enterprise production environments.Familiarity with scripting languages (e.g., Go, Python, Ruby, Rust, etc.) and building scripts for process improvements.Experience automating security testing and reporting outputs.Technical knowledge and hands-on experience with security and networking security, basic networking protocols, cloud security, network security design, intrusion prevention/detection, and firewall architecture.Experience assessing and implementing technical security controls.Willingness to innovate and learn new technologies.Excellent interpersonal and relationship skills with a collaborative mindset.Knowledge or familiarity with technological stack (Big-IP, Azure, AWS, GCP, CentOS, Hashicorp Vault, Palo Alto, Qualys).Experience with network and application vulnerability and penetration testing tools.Baseline competency in administration of Microsoft Azure Cloud, Amazon Web Services (AWS), Google Cloud Platform (GCP) or equivalent public cloud infrastructure.Exposure to DevOps tooling, CI/CD pipelines, container orchestration, and infrastructure as code approach (e.g., Puppet, Chef, Ansible, Terraform, Jenkins, CircleCI, Artifactory, Git).Strong written and verbal communication skills.Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism.Agile, tactful, and proactive attitude that can manage prioritization and know when to escalate.Qualifications B.S. or M.S. in Computer Science, Engineering, or related field, or equivalent experience.3+ years of relevant security and networking experience.The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.
#J-18808-Ljbffr