Security Support Engineer

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. 
 

Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

Our Security as a Service (SaaS) Security Operations Center (SOC) is the frontline of defense against an ever-changing landscape of cyber threats. Every day, our clients face new attacks and evolving attack vectors—and our SOC stands as the epicenter of their protection.

As part of our Global SOC team, you will collaborate with experienced engineers to safeguard customers around the clock, stopping attackers in their tracks. In this role, you'll be responsible for managing cloud-based security systems on behalf of our clients, ensuring real-time protection, detection, mitigation, and resolution of security events. As a SOC WAF (Web Application Firewall) Engineer, you'll bring deep expertise in WAF technologies and serve as a skilled security defender.

Our SOC is a critical component of the Security & Distributed Cloud Portfolio. Here, you'll work side by side with some of the world's top Security Engineers, leveraging cutting-edge products to defend against online fraud, DDoS attacks, application-layer exploits, and other evolving threats. Together, we analyze industry trends, respond to real-time incidents, and develop innovative protection that keeps our clients secure.

Beyond responding to security incidents, you'll also have the opportunity to mentor and train colleagues, refine processes, share security best practices, and research emerging attacks and defenses. Ideal candidates are passionate about information security, thrive on solving complex problems, excel under pressure, and are committed to continuous improvement for themselves and their teams.

This role may be required to work outside of core business hours including early morning, late evening, overnight, weekends, and holidays.

Sounds interesting? Read on 

• Take proactive and reactive steps to mitigate Application Layer security attacks or threats against our customers

• Interact directly with customers who are under attack via phone, chat, email and/or ticketing systems

• Provide proactive and real-time guidance to customers on security protocols and defensive security response

• Document actions taken in incident management systems, knowledge base, or ticketing systems as required

• Establish yourself as a trusted security advisor internally and externally

• Assist clients with onboarding and provisioning

• Engage and support cross-functional teams

• Appropriately manage time and customer issues based on issue severity and business needs

• Collaborate with Product Management and Development on requirements and product release activities

• Identify, define, and implement process and procedure improvements

• Ensures documented processes and procedures are relevant and up to date

• B.S/A.S, in Information System Security or related degree/experience

• 1-2 years' experience administering Web Application Firewalls 

• Familiarity with programming or scripting language.

• Understanding in common enterprise network technologies

• Technical knowledge of, and experience troubleshooting TCP/IP networks and ability to perform log file analysis

• Detailed protocol analysis using tools such as tcpdump, tshark, and Wireshark

• Packet manipulation and crafting using tools such as hping, scapy, and iptables

• Traffic generation and replay using tools such as apachebench and tcpreplay

• Familiarity with F5 hardware and software (Big-IP, TMOS, iRules, iApps, iControl, etc.)

• Fundamental Linux skills

• Have experience in analysis using tools such as Fiddler, HttpWatch, Burp Suite, socat, and netcat.

• Familiarity with SQL injection, cross-site scripting, web scraping, CSRF, brute force, cookie manipulation, parameter tampering, and other emerging Layer 4-7 attacks/vulnerabilities to define, configure, and manage security policies encouraging RFC compliance

• Skilled understanding and experience with HTTP and web application security (school project experience counts)

• Must be able to communicate technical and operational details fluently in English (written and oral)

• Troubleshooting and problem-solving ability including analytical thinking and a strong attention to detail

• Excellent customer service skills

• Hybrid working mode

• Career growth and development opportunities  

• Recognitions and Rewards

• Employee Assistance Program

• Competitive pay, comprehensive benefits, and cool perks

• Culture of Giving Back

• Dynamic Diversity & Inclusion Interest Groups

Apply if you believe your own unique capabilities can contribute to the success of this role and our organization

#LI-BH1

The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

Please note that F5 only contacts candidates through F5 email address (ending with ) or auto email notification from Workday (ending with or ).

Equal Employment Opportunity

It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination.  F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting