Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
Why do you want to join our team?
Life at F5 is never dull. We are constantly identifying industry trends and disruptions, then innovating to get ahead of future customer needs-creating application services that help the world's leading organizations deliver their critical business apps faster and with the highest levels of flexibility, security, performance, and support.
But our success isn't driven solely by what we do. We also care deeply about how we do it. At F5, our culture is how we live, every single day. And it's producing extraordinary results-not only for our customers, but also for our employees. We understand that your life is about more than just work, so we're committed to a culture that supports your whole life.
Volterra, now a part of F5, has innovated a consistent, cloud-native environment that can be deployed across multiple public clouds and edge sites - a distributed cloud platform. Within this SaaS-based offering, Volterra integrates a broad range of services that have normally been siloed across many point products and network or cloud providers. The solution is designed to provide a single way to view security, operations and management components.
About the position:
Volterra is looking for a Senior Security Engineer passionate about identifying security vulnerabilities in designs and implementations. You will participate in continuously improving the security of Volterra's Edge Computing platform which is used to deploy global, scalable and secure applications. Your work includes, but not limited to, understanding the architecture and implementations of Volterra platform, using and building tools to identify vulnerabilities, provide example exploitation code/steps, recommend mitigation strategies, and verification of mitigation.
- Collaborate with architects, operations, and business leaders to understand the attack surface areas, prioritize assessment areas based on threat level, document test plans, design testing solutions, and implement them to provide strong security to the Volterra platform.
- Conduct vulnerability assessments at Web, Container, Network, and System levels using tools (such as Burp Suite, Cobalt Strike, Metasploit, Empire, Nessus, Nexpose, nmap, etc.) and manual techniques. You will also write your own tools and automation scripts for repeated testing.
- Keep abreast with industry best practices around Web Application Security, Container Security, System security, etc. and make them part of your recommendations.
- Make use of existing monitoring and alerting systems and/or build tools to alert on anomalies in system behavior.
- Demonstrate technical leadership in your domain areas; mentor non-security teams and review the security fixes
- You will vet various open source and closed source technologies, components, libraries, tools, etc.
- Hands-on coding in multiple languages while considering performance, scalability, maintainability, and flexibility
- Excellent written and verbal communication skills
- BS degree in computer science or equivalent
- Typically requires a minimum of 8 years of related experience with a Bachelor's degree; or 6 years and a Master's degree; or a PhD with 3 years of experience.
- Proven experience in Red Teaming - Minimum 2 years
- Industry Certifications (e.g. OSCP, OSCE, GPEN, CREST)
- Deep knowledge of Application, Web and Network penetration testing techniques
- Good understanding of Cloud and Cloud-native technologies (Docker, Kubernetes, etc.)
- Proficiency in a programming/scripting language(s) (e.g. Python, Go, C, C++, Powershell)
- Good understanding of web, networking, and protocols (TCP, HTTP, DNS, TLS, IPSec)
- Experience employing phishing and other social engineering tactics
- Proven ability to effectively communicate findings and mitigation strategies to stakeholders and develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Experience writing highly reliable backend services
- Experience with running Bug Bounty
- Experience reviewing source code
The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.
Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Yello/Workday (ending with f5.com or @myworkday.com).
Equal Employment Opportunity
It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. Reasonable accommodation is available for qualified individuals with disabilities, upon request.