Security Research Manager

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. 
 

Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

At F5, we make apps faster, smarter, and safer. Join our Security Threat Research group where deep security expertise meets real-world impact. As Security Research Team Manager, you will lead a highly talented and mission-driven team responsible for advancing our ability to detect and mitigate cutting-edge threats. This role offers the opportunity to shape the strategic direction of our security research efforts while staying close to the technology and threats that matter most.

We work in a dynamic, high-paced environment with a strong culture of collaboration, curiosity, and technical excellence. If you are a hands-on technical leader with proven experience in web application security, a passion for innovation, and strong people leadership skills — we want to hear from you.

Position Summary:

The Security Research Team Manager leads the strategic direction of the organization’s security research, ensuring alignment with F5’s broader security goals and product vision. This role blends deep technical knowledge in web application security and WAF technologies with strong leadership and communication skills. The ideal candidate is recognized internally and externally as a subject matter expert and plays a key role in driving innovation, guiding complex research initiatives, and mentoring top-tier security talent.

Responsibilities:

• Lead, mentor, and grow a team of security researchers focused on web application vulnerabilities, WAF evasion techniques, and threat intelligence.
• Drive the strategic direction of security research efforts in alignment with company-wide objectives and evolving threat landscapes.
• Oversee the research and replication of real-world vulnerabilities and complex threats affecting web applications and APIs.
• Guide the creation of detection logic, signatures, and proof-of-concept exploits to improve F5 security products.
• Champion innovation in security research methodologies by incorporating emerging technologies and threat models.
• Exercise independent judgment in addressing complex, ambiguous challenges that have a broad impact across F5.
• Initiate, lead, and oversee enterprise-wide research projects, ensuring smooth integration with other security and product functions.
• Collaborate closely with product and engineering teams to translate research findings into tangible protection mechanisms.
• Serve as a strategic advisor to executive leadership, providing insight into threat trends, organizational posture, and risk mitigation.
• Represent F5 at industry events, conferences, and security working groups, sharing expertise and contributing to the advancement of the field.
• Foster a strong team culture of ownership, innovation, continuous learning, and accountability in decision-making.

Qualifications:

• At least 6 years of experience in security research, with a focus on web application security or offensive/defensive security roles.
• At least 2 years of experience in a team leadership or management role, with proven ability to mentor, retain, and grow top security talent.
• Solid understanding of WAF technologies and how they detect, block, or are bypassed by real-world attacks.
• Deep knowledge of HTTP, web protocols, web server architectures, and web application behavior.
• Strong experience with hands-on research into web vulnerabilities, including reproduction of CVEs and threat modeling.
• Proficient in scripting and automation (e.g., Python) for building research tools and infrastructure.
• Experience with regular expressions, rule engines, and detection logic.
• Demonstrated ability to guide or contribute to complex, multi-functional initiatives with company-wide impact.
• Ability to communicate technical topics clearly to both technical teams and executive leadership.
• Recognized as a thought leader or expert within the security research community – advantage.
• Experience presenting at security conferences or contributing to published research – advantage.
• Knowledge of modern application environments (cloud, containers, APIs) – advantage.
• #LI-SS5
• #LI-Hybrid

The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com).

Equal Employment Opportunity

It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination.  F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.