Senior Security Engineer
Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
The Security Engineer is a technical security position in the F5 Security Incident Response Team (F5 SIRT). Addressing security issues in F5 products is the responsibility of the F5 Security Incident Response Team (F5 SIRT). The F5 SIRT is a dedicated, global team that manages the receipt, investigation, and public reporting of security vulnerability information that is related to F5 products and networks.
The Security Engineer is well versed in a breadth of security threats, incident handling methodologies and offensive/defensive attack vectors. They use this knowledge to identify and form response mitigation plans for a variety of attacks/threats.The Security Engineer follows incident handling procedures to drive mitigation of security incidents and will be called to perform attack analysis, configuration suggestions, and potential onsite interaction. A Security Engineer can handle multiple active issues of diverse scope simultaneously while maintaining good communication, particularly written communication to our customers, and accepts ownership of issues until a resolution is delivered or a business as the usual state is returned, providing high customer satisfaction. When not engaged in incidents, a Security Engineer will mentor other security-related issues.
A good candidate has a deep passion for security and a desire to help develop a security mindset in others. The role also requires a strong ability to work with incomplete information and to adapt to changing priorities.
- Responsible for upholding F5s business code of ethics & for promptly reporting violations of the code or other company policies
- Manages multiple issues and prioritizes based on customer and business needs, without direction
- Provides F5 customers with a consistently high-quality support experience
- Effectively engages supporting escalation personnel, without direction
Product Vulnerability Response and Management
- Work with the PD Platform Security team to maintain the 3rd Party Module Vulnerability Triage information
- Open Escalation when requested by Platform Security to investigate orphaned Vulnerability bugs
- Participate in the release meetings and triage bugs for release
- Assist ENE owners with ENE006 SRs that are in deadlock or stalled
- Perform threat and vulnerability management, monitoring of CVE and vendor notifications
- Monitor the F5SIRT shared mailbox, identify external researchers and create SRs where necessary to be assigned to Security Engineers
Customer Security Incident Response
- Provide incident handling and drives both attack analysis and mitigation options
- Participate in tier 2 and tier 3 security support
- Follows processes defined in F5's Quality Management System (QMS)
- Mentoring Security SRs to resolution - Proactively monitors Security Service Request (SR) with a long Time to Resolution (TTR)
- Working with F5 SIRT Specialists to handle ESRP cases
- Maintain incident documentation, participate in post-mortems, and write incident reports.
- Tracking attack trends and threat intelligence from different sources
- Monitors security issues in order to identify and act upon them as they occur - Active Mentoring
- Running workshops to help F5 SIRT Specialists build hands-on experience in a lab environment in order to better prepare for dealing with attacks in the real environment
- Simulating typical customer network environment (in terms of versions, modules, network devices), running different attacks, documenting security incident response plan and exercising it
- Work closely with others to develop incident response plans
Building Security Mindset - Security Evangelism
- Running regional F5 SIRT meetings
- Handling reactive mentor questions on Security from F5 SIRT Specialists and F5 Global Service NSEs
- Creating security presentations for a wide audience
- Engages in on-going training within the security field and with F5 products
- May lead projects and provide guidance/training to less experienced staff and mentoring.
- Evaluate and execute cross-functional security initiatives across the enterprise.
- Work with cross-functional Engineering teams to ensure all systems are properly remediated according to our policies and standards.
- Minimum of 12 years of related experience with a minimum of 5 years experience in a technical security role such as support, monitoring or consulting (e.g. pen testing) working with relevant technologies
- Appropriate security based qualification; CISSP, GCIH (or demonstrated skills and ability to obtain certification) - more than one certification preferred.
- Strong understanding of industry standards such as CVE, CPE, and CVSS
- Experience with security incident handling processes, procedures, and methodologies.
- Technical experience with identifying and mitigating a breadth of attacks such as DDoS, web application, DNS, and other network attacks.
- Knowledge of common security vulnerabilities and the ability to judge their severity
- Advanced Experience with working security incidents at corporate production environments
- Advanced Experience working with network and packet analysis tools
- Advanced BA/BS degree or equivalent experience
- Advanced Knowledge of Web Application Firewalls, Firewalls, and IPS/IDS
- Experience with network vulnerability scanners
- OS hardening and security best practices
KNOWLEDGE, SKILLS, AND ABILITIES
- Hands-on technical experience with and very knowledgeable on LAN/WAN operations, and/or networking hardware required
- CVE and CERT experience
- Advanced Knowledge of security offensive/defensive techniques and methodologies.
- Advanced Understanding of security attack/defense methodologies (e.g. DNS, network TCP/IP, SSL, and HTTP)
- Intermediate understanding and working knowledge of TCP/IP, SSL, DNS, HTTP and common protocols.
- Knowledge of network and security monitoring tools
- Coding experience - having in addition to Python knowledge in other scripting languages
- Familiarity with load balancers, WAF's and common network architectures
- Working knowledge of standard UNIX/Linux command line tools
- Ability to generate new training and knowledge sharing content via the various delivery methods
- Proven track record in a team environment
- Analytical thinker with strong attention to detail
- Must be able to read, write and speak English fluently, including technical concepts and terminology.
- Must be able to relay technical information to customers with varying skill levels
- Ability to create attack Proof of Concepts
- Experience with incident tracking software, Seibel experience a plus
PHYSICAL DEMANDS AND WORK ENVIRONMENT:
Duties are performed in a normal office environment while sitting at a desk or computer table. Duties require the ability to utilize a computer, communicate over the telephone, and read printed material. Duties may require the ability to travel via automobile or airplane, approximately 20% of the time spent traveling. Some datacenter/lab work as well. Duties may require the ability to lift 50 lbs enabling them to rack our controllers in customer locations or our lab. This role may require work outside of core business hours, including early morning, late evening, overnight, weekends, and/or holidays as needed. There will be a requirement to participate in an on-call rotation
Some travel may be required, a current passport is required
This role is regional - Americas, EMEA and APJ.
The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.
Equal Employment Opportunity
It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. Reasonable accommodation is available for qualified individuals with disabilities, upon request.
Meet Some of F5 Networks's Employees
Systems Engineering Manager
Rubyanne manages a team of systems engineers—the technical half of a Sales Account Team—empowering them with the tools they need to be successful as they provide pre-sales support throughout northern California.
Back to top