Senior Security Engineer

Senior Security Engineer

Requirements

• Experience working with high-availability enterprise production environments
• Ability to script in multiples languages (Go, Rust, Python, Ruby, etc.) and experience building scripts for process improvements and automation
• Baseline competency in administration of Microsoft Azure Cloud, Amazon Web Services (AWS), Google Cloud Platform (GCP) or equivalent public cloud infrastructure.
• Technical knowledge and extensive hands-on experience with security and networking architecture, networking protocols, network security design, wireless security, intrusion prevention/detection, and firewall architecture.
• Experience automating security testing and reporting outputs
• Knowledge or familiarity with technological stack (Big-IP, Azure, AWS, GCP, CentOS, Linux, Kubernetes, Docker Hashicorp Vault, Palo Alto, Cisco, Qualys).
• Experience assessing and implementing technical security controls
• Exposure to DevOps tooling, CI/CD pipelines, container orchestration, and infrastructure as code approach (e.g. Puppet, Chef, Ansible, Terraform, Jenkins, CircleCI, Artifactory, Git)
• Strong written and verbal communication skills.
• Experience with network and application vulnerability and penetration testing tools
• Willingness to innovate and learn new technologies
• Excellent interpersonal and relationship skills with a collaborative mindset
• Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism.
• Agile, tactful, and proactive attitude that can manage prioritization and know when to escalate.
• B.S. or M.S. in Computer Science, Engineering, or related field, or equivalent experience
• 5 years of progressive responsibility in a security organization
• 2-6 years of relevant security engineering or network security experience.

Responsibilities

• Identify organizational risks to confidentiality, integrity, and availability, and determine appropriate mitigations.
• Leverage native Azure, GCP, and AWS cloud services to automate and improve existing security and control activities.
• Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threats
• Perform technical security assessments against F5aaS product and enterprise cloud hosted, virtual, and on-premise systems including static and dynamic analysis, and threat modeling.
• Review and test changes to services, applications, and networks for potential security impacts.
• Manage penetration and segmentation testing of F5 applications and networks.
• Review changes to and ongoing operations of enterprise environments and supporting systems for security and compliance impacts.
• Assist in detection and response efforts as a product line subject matter expert.
• Propose new controls to Security Architecture and GRC.
• Build and implement new security controls, processes and tools.
• Implement zero-trust and IAM security patterns with cloud agnostic tooling
• Collaborate with Architecture, Site Reliability Engineering and Operations teams to develop and implement technical solutions and security standards.
• Configure industry standard security testing/scanning tools (network scanning, code scanning, posture management).
• Advise enterprise stakeholders on security best practices and secure design principles.
• Implement, design, develop, administer, and manage enterprise security tooling.

Preferred Qualifications

No preferred qualifications provided.