At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.Role Overview:The Security Engineer is a technical security position in the F5 Security Incident Response Team (F5 SIRT). Addressing security issues in F5 products is the responsibility of the F5 Security Incident Response Team (F5 SIRT). The F5 SIRT is a dedicated, global team that manages the receipt, investigation, and public reporting of security vulnerability information that is related to F5 products and networks. The Security Engineer is well versed in a breadth of security threats, incident handling methodologies and offensive/defensive attack vectors. The Security Engineer follows incident handling procedures to drive mitigation of security incidents and will be called to perform attack analysis, configuration suggestions, and potential onsite interaction. A Security Engineer can handle multiple active issues of diverse scope simultaneously while maintaining good communication, particularly written communication to our customers, and accepts ownership of issues until a resolution is delivered or a business as usual state is returned, providing high customer satisfaction. When not engaged in incidents, an Security Engineer will mentor other security related issues. A good candidate has a deep passion for security and a desire to help develop a security mindset in others. The role also requires a strong ability to work with incomplete information and to adapt to changing priorities.Sounds interesting? Read on!What You’ll Do:Primary ResponsibilitiesResponsible for upholding F5s business code of ethics & for promptly reporting violations of the code or other company policiesManages multiple issues and prioritizes based upon customer and business needs, without directionProvides F5 customers with a consistently high-quality support experienceAssist Senior Security Engineer with other tasks as required based upon business operation needsEffectively engages supporting escalation personnel, without directionParticipate in weekend support rotationProduct Vulnerability Response and ManagementWork with the PD Platform Security team to maintain the 3rd Party Module Vulnerability Triage informationOpen Escalation when requested by Platform Security to investigate orphaned Vulnerability bugsParticipate in the release meetings and triage bugs for releaseAssist ENE owners with ENE006 SRs that are in deadlock or stalledPerform threat and vulnerability management, monitoring of CVE and vendor notificationsMonitor the F5SIRT shared mailbox, identify external researchers and create SRs where necessary to be assigned to Security EngineersCustomer Security Incident ResponseProvide incident handling and drives both attack analysis and mitigation optionsParticipate in tier 2 and tier 3 security supportFollows processes defined in F5’s Quality Management System (QMS)Mentoring Security SRs to resolution - Proactively monitors Securty Service Request (SR) with long Time to Resolution (TTR)Working with F5 SIRT Specialists to handle ESRP casesMaintain incident documentation, participate in post-mortems, and write incident reports.Working with SR Security Engineers on post-mortem for ESRP incidentsTracking attack trends and threat intelligence from different sourcesMonitors security issues in order to identify and act upon them as they occur – Active MentoringRunning workshops to help F5 SIRT Specialists build hands-on experience in a lab environment in order to better prepare for dealing with attacks in the real environment – With Sr. Sec EngSimulating typical customer network environment (in terms of versions, modules, network devices), running different attacks, documenting security incident response plan and exercising itWork closely with others to develop incident response plansBuilding Security Mindset - Security EvangelismRunning regional F5 SIRT meetingsHandling reactive mentor questions on Security from F5 SIRT Specialists and NSEs – Monitor F5 SIRT emailCreating security presentations for a wide audienceEngages in on-going training within the security field and with F5 productsMay lead projects and provide guidance/training to less experienced staff and mentoring.Evaluate and execute cross-functional security initiatives across the enterprise.Work with cross functional Engineering teams to ensure all systems are properly remediated according to our policies and standards.What You’ll Bring:Minimum of 5 years of related experience in a technical security role such as support, monitoring or consulting (e.g. pen testing) working with relevant technologiesAppropriate security based qualification; CISSP, GCIH (or demonstrated skills and ability to obtain certification) – more than one certification preferred.Strong understanding of industry standards such as CVE, CPE, and CVSSExperience with security incident handling processes, procedures and methodologies.Technical experience with identifying and mitigating a breadth of attacks such as DDoS, web application, DNS and other network attacks.Knowledge with common security vulnerabilities and the ability to judge their severityExperience with working security incidents at corporate production environmentsExperience working with network and packet analysis toolsBA/BS degree or equivalent experienceKnowledge with Web Application Firewalls, Firewalls and IPS/IDSExperience with network vulnerability scannersOS hardening and security best practicesHands on technical experience with and very knowledgeable on LAN/WAN operations, and/or networking hardware requiredCVE and CERT experienceKnowledge of security offensive/defensive techniques and methodologies.Understanding of security attack/defense methodologies (e.g. DNS, network TCP/IP, SSL and HTTP)Intermediate understanding and working knowledge of TCP/IP, SSL, DNS, HTTP and common protocols.Knowledge of network and security monitoring toolsCoding experience – having in addition to Python knowledge in other scripting languagesFamiliarity with load balancers, WAF’s and common network architecturesWorking knowledge of standard UNIX/Linux command line toolsAbility to generate new training and knowledge sharing content via various delivery method Proven track record in a team environmentAnalytical thinker with strong attention to detailMust be able to read, write and speak English fluently, including technical concepts and terminology.Must be able to relay technical information to customers with varying skill levelsAbility to create attack Proof of ConceptsExperience with incident tracking software, Seibel experience a plus What You’ll Get:Hybrid working mode Career growth and development opportunities Recognitions and Rewards Employee Assistance Program Competitive pay, comprehensive benefits, and cool perks Culture of Giving Back Dynamic Diversity & Inclusion Interest Groups Apply if you believe your own unique capabilities can contribute to the success of this role and our organization! #LI-VRThe Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com).Equal Employment OpportunityIt is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.
View Original Job Posting