IS Security Engineer III

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. 
 

Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

F5 is a multi-cloud application services and security company committed to bringing a better digital world to life. F5 partners with the world’s largest, most advanced organizations to optimize and secure every app and API anywhere, including on-premises, in the cloud, or at the edge. F5 enables organizations to provide exceptional, secure digital experiences for their customers and continuously stay ahead of threats. For more information, visit https://www.f5.com

Position Summary:

In this role, the Security Engineer III will collaborate with other exceptionally hardworking engineers in a constantly expanding fast-paced environment. The engineer will have a strong passion for cyber security and its best standards. This will be conveyed through analysis, decision making, process improvement, mentorship, and organization wide collaboration. This role will support our incident response team and experience in DLP, UEBA, and Cloud Forensics is required. Since we are an international team, it will require strong communication with team members between the different time zones. The security engineer will need to action on real time security events with little guidance.

Primary Responsibilities:

• Ability to handle Cybersecurity incident response activities, external attack investigations, Insider threat investigations and digital forensic investigations.

• Response to escalations and managing critical cyber security incidents

• You will also directly support the Incident Response Team by applying analytic and technical skills to investigate intrusions, identify malicious activity and potential insider threats, and perform incident response.

• Provide feedback on process improvements, improving the efficiency of the Incident Response program.

• Engage directly with end users and teams via chat, email and/or ticketing systems.

• Document actions taken in security information and event management systems (SIEM), knowledge base, or ticketing systems as required.

• Upkeep and creation of Runbooks and govern documentations

• Help Facilitate Blue Team/ Red Team exercises as well as Tabletop exercises

• Mentor junior team members as if required part of day today job. Be open to share and receive feedback

• Follow F5’s information security policies and protect information assets from unauthorized access, disclosure, modification, destruction or interference.

• Responsible for upholding F5’s Business Code of Ethics and for promptly reporting violations of the Code or other company policies.

• Stay updated on the latest security trends and cyber security news.

• Ability to automate cyber response tasks to ensure seamless security operations.

• Performs other related duties as assigned and help each other’s to thrive in work environment.

• The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change based on the business requirement.

Knowledge, Skills & Abilities:

• Strong experience in leading incidents from initial triage to closure

• Experience in driving corrective actions from Incidents by working with various teams

• Prior Experience related to cloud forensics (GCP or AWS or Azure)

• Scripting language: Python

• Query language: BigQuery, Athena

• Familiarity with MITRE ATT&CK framework

• Understanding of networking concepts and experience with SIEM solutions

• Familiarity with MacOS, working knowledge of UNIX/Linux operating systems and commands

• Solid attention to detail

• ServiceNow or JIRA or DevOps similar ticketing system experience preferred

• Highly motivated, independently driven, and good interpersonal skills

• Must take initiative and provide updates to various team members and upper management

• Strong communication, analytical and problem-solving skills

• Experience related to Incident Response, Threat Hunting

• SANS GCIA, GCIH, GPCS, CEH

• Experience in alert triage as it relates to any cloud service provider (e.g. AWS, Azure, GCP)

• Prior experience in Information Security

Additional Experience or Certifications is a Plus

• SANS GCIA, GCIH, GPCS, CEH, GCFA, or GCFR or Blue team certifications or other industry-relevant cyber-security certifications are a plus.

• Certified experience related to Incident Response, Threat Hunting

• Experience in alert triage as it relates to any cloud service provider (e.g. AWS, Azure, GCP)

• Prior experience in Information Security

• Experience designing or maintaining forensics cloud accounts in support of forensic capabilities in cloud providers

Qualifications:

• Bachelor’s degree in information systems, MIS or related technical degree and 5-7 years of experience in Cyber Security Incident Response /Threat Hunting/Digital Forensics

• Ability to excel in a fast paced, challenging, operations environment

• Experienced in investigating attacks and incidents.

• Computer Science and/or graduate degree a plus or equivalent experience

• Must be able to communicate technical and operational details fluently in English (written and oral). Other languages are a plus.

The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com).

Equal Employment Opportunity

It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination.  F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.