Sr. Security Engineer

Primary Responsibilities

• Develop and execute information security plans, procedures, and policies
• Develop strategies to respond to and recover from security threats
• Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threats
• Collaborate with Enterprise Operations, Engineering, and IT teams to implement security standards and ensure standards are followed
• Research emerging threats, vulnerabilities and trends that may affect our product and organizational security
• Assess potential risks and vulnerabilities in company’s services and infrastructure and lead remediation.
• Conduct penetration testing, simulating an attack on product systems and infrastructure to find exploitable weaknesses
• Leverage native GCP and AWS cloud services to automate and improve existing control activities.
• Perform technical security assessments against the F5aaS product and the F5aaS enterprise including static and dynamic analysis.
• Collaborate with engineering and architecture teams to identify security risks and recommend mitigating controls.
• Demonstrate F5aaS’s dedication to security to our customers.

Knowledge, Skills and Abilities

• Expertise in designing secure cloud networks, systems and application architectures with a focus on AWS and GCP cloud platforms
• Expertise in common coding languages (Python, JavaScript, Java, C)
• Experience automating security testing tools and reporting outputs
• Hands on experience with configuration management solutions and developer coding solutions and repositories
• Technical knowledge and extensive hands-on experience with security and networking architecture, networking protocols, network security design, wireless security, intrusion prevention/detection, and firewall architecture.
• Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism.
• Agile, proactive, comfortable working with ambiguous specifications and can prioritize on the fly.
• Excellent interpersonal and relationship skills.
• Experience assessing and implementing security controls in all relevant areas (including access management, encryption methods, vulnerability management, network security, application security, etc.)
• Knowledge with some of the technologies in our stack (Big-IP, CentOS, Kubernetes, Juniper, Arbor, CiscoACS, Zabbix).
• Experience with network and application vulnerability and penetration testing tools.

Qualifications

• B.S. Degree in Computer Science, Engineering or other technical degree.
• Advanced industry certification in relevant field (e.g., Ethical Hacker, CISM, CISSP).
• 4 to 6 years of meaningful work experience as an application security, network security, or general security engineer with focus on cloud computing.