At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.
The F5 Security Incident Response Team (F5 SIRT) addresses security issues in F5 products. During a security incident, F5 SIRT works to protect your user identities, applications, corporate assets, and customer data. Our SIRT engineers also coordinate with other F5 teams to develop ready-to-deploy technical countermeasures; theyll share them with you and help you put them in place. But the response doesnt stop when the attack does. Well look beyond the reported incident to reduce the overall harm to your organization, as well as understand, anticipate, and deter future threats.
Attractions to the Job:
Our SIRT engineer is a valued contributor on our team in the F5 SIRT. Our team is a dedicated, global team that leads the receipt, investigation, and public reporting of security vulnerability information that is related to F5 products and networks.
You will be well versed in wide variety of security threats, incident handling methodologies and offensive/defensive attack vectors. You'll use this knowledge to identify and form response mitigation plans for a variety of attacks/threats. Our team follows incident handling procedures to drive mitigation of security incidents and will be called to perform attack analysis, configuration suggestions, and potential onsite interaction. As a Security Engineer we predict you can balance multiple active issues of diverse scope simultaneously, while maintaining good communication, particularly written communication to our customers, and accepts ownership of issues until a resolution is delivered or a business as usual state is returned, providing high customer satisfaction. When not engaged in incidents, you have the growth opportunity to mentor other engineers on security related issues, research emerging new threats and both document & present their impact on our products and services. You are an advocate every single day for improving the security of F5 products and services.
Your Day-to-Day:
Do you want a job you love? Do you enjoy working in the security realm and researching new aspects about security? To have a career that provides you an opportunity to join the global leader in advanced application security manager as a member of our top-tier support organization? We are looking for an engineer with a deep passion for security and a desire to help develop a security mindset in others. We highly seek someone with capability and interest to work with incomplete information and to adapt to changing priorities day to day.
Product Vulnerability Response and Management
- You will collaborate with the PD Platform Security team to maintain the 3rd Party Module Vulnerability Triage information
- Open escalation's when requested by Platform Security to investigate orphaned vulnerability bugs
- Participate in the release meetings and triage bugs for release.
- Assist ENE owners with ENE006 SRs that are in deadlock or stalled.
- Perform threat and vulnerability management, monitoring of CVE and vendor notifications.
- Monitor the F5SIRT shared mailbox, identify external researchers and create SRs where necessary to be assigned to Security Engineers.
Customer Security Incident Response
- Provide incident handling and drives both attack analysis and mitigation options
- Contributing in the tier 2 and tier 3 security support.
- Follows processes defined in F5s Quality Management System (QMS)
- Mentoring Security SRs to resolution - Proactively monitors Security Service Request (SR) with long Time to Resolution (TTR)
- Partnering with F5 SIRT Specialists to handle ESRP cases.
- Maintain incident documentation, participate in post-mortems, and write incident reports.
- Collaborating with SR Security Engineers on post-mortem for ESRP incidents.
- You are comfortable tracking attack trends and threat intelligence from different sources
- Monitors security issues in order to identify and act upon them as they occur Active Mentoring.
- You will lead workshops to encourage F5 SIRT Specialists build hands-on experience in a lab environment in order to better prepare for dealing with attacks in the real environment With Sr. Sec Eng
- Simulating typical customer network environment (in terms of versions, modules, network devices), running different attacks, documenting security incident response plan and exercising it.
- Work closely with others to develop incident response plans.
Building Security Mindset - Security Evangelism
- You will lead the meaningful regional F5 SIRT meetings.
- Welcome any reactive mentor questions on Security from F5 SIRT Specialists and NSEs Monitor the F5 SIRT email.
- Create security presentations for a wide and diverse audience.
- Engages in ongoing meaningful training within the security field and with F5 products.
- May lead projects and provide guidance/training to less experienced staff and mentoring.
- Evaluate and execute cross-functional security initiatives across the enterprise.
- Work with multi-functional engineering teams to ensure all systems are properly remediated according to our policies and standards.
Other Functions
- Handles multiple issues and prioritizes based upon customer and business needs, without direction
- Provides F5 customers with a consistently high-quality support experience.
- You will assist the Senior Security Engineer with other tasks as required based upon business operation needs.
- Effectively engages supporting escalation personnel, without direction.
- Participate in weekend support rotation.
How do you Qualify?
- Bring with you 5 years' experience in a technical security role, such as support, monitoring or consulting (e.g. pen testing) working with relevant technologies.
- A Bachelors degree in a related field or equivalent related experience.
- Appropriate security-based qualification; CISSP, GCIH (or demonstrated skills and ability to obtain certification) more than one certification preferred.
- Experience with incident tracking software, Siebel experience a plus.
- Advanced experience with security incident handling processes, procedures and methodologies.
- Technical experience with identifying and mitigating a breadth of attacks such as DDoS, web application, DNS and other network attacks.
- Extraordinary experience with working security incidents at corporate production environments.
- You may be asked to work outside of normal working hours (evenings and weekends). There will be a need for you to participate in an on-call rotation.
- We will ask you to travel via automobile or airplane, approximately 20% of the time, a current passport is required.
- You are capable of lifting up to 50 lbs, to enable you to rack our controllers in customer locations or our lab.
You Bring these Skills with You:
- Advanced knowledge with common security vulnerabilities and the ability to judge their severity.
- You possess hands on experience and very knowledgeable on LAN/WAN operations, and/or networking hardware required.
- Familiarity with load balancers, WAFs and common network architectures. You have a good working knowledge of standard UNIX/Linux command line tools.
- You hold a deep understanding of industry standards such as CVE, CPE, and CVSS.
- Experience working with network and packet analysis tools.
- You have knowledge with Web Application Firewalls, Firewalls and IPS/IDS.
- Experience with network vulnerability scanners.
- OS hardening and security standard methodologies.
- Accomplished knowledge of security offensive/defensive techniques and methodologies.
- Someone who thrives in a dynamic environment with an understanding of security attack/defense methodologies (e.g. DNS, network TCP/IP, SSL and HTTP).
- Intermediate understanding of TCP/IP, SSL, DNS, HTTP and common protocols.
- Knowledge of network and security monitoring tools.
- Coding experience having in addition to Python knowledge in other scripting languages is nice to have.
- Working knowledge of standard UNIX/Linux command line tools.
- Desire to create and generate new trainings and knowledge sharing content via various delivery method.
- We want an individual that will be creative and dedicated and someone who works well with moderate supervision. And you have an interest to contribute to a collaborative team environment.
- Analytical thinker with strong attention to detail.
- Ability to create attack Proof of Concepts.
- Excellent written and oral communication skills. You can relay technical information to customers with varying skill levels.
#LI-DC1
The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.
The annual U.S. base pay range for this position is: $124,618.00 - $186,928.00
F5 maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, geographic locations, and market conditions, as well as to reflect F5s differing products, industries, and lines of business. The pay range referenced is as of the time of the job posting and is subject to change.
You may also be offered incentive compensation, bonus, restricted stock units, and benefits. More details about F5s benefits can be found at the following link: https://www.f5.com/company/careers/benefits . F5 reserves the right to change or terminate any benefit plan without notice.
Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com).
Equal Employment Opportunity
It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.
Equal Opportunity Employer - minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity