Security Engineer
F5 Networks
San Jose
hace 3 días

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

About the position :

F5 is looking for a hands-on Security Engineer with experience owning vulnerability management, security governance and code security program.

F5’s Edge 2.0 platform provides global, scalable, and secure way to deploy applications. In this position, you will be primarily responsible for vulnerability management of open-source components in the software that makes up the platform along with providing oversight and governance on the security implementation strategies of the product development lifecycle.

You will also be responsible for code security and handle static and dynamic code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities.

Responsibilities :

  • Collaborate with software architects, security defenders, Operations, SRE, compliance experts, and business leaders to understand the components of the platform and their requirements around vulnerability management, static code analysis, and dynamic code analysis depending on the component’s structure and place in the platform.
  • You will write and maintain policies and procedures around vulnerability management and code analysis following industry best practices and compliance directives to incorporate requirements of various compliance frameworks such as PCI, SOC-2, HIPAA, ISO 27001 etc.
  • You will integrate with scanning tools and provide guidance to the developers around integration, how to read the findings, and how to improve the output.
  • You will have a DevSecOps role in building automation and tooling to improve processes around security implementation at every stage of the software development lifecycle.
  • You will work with engineering teams to incorporate security best practices and provide governance on compliance of the platform.
  • You will be responsible for conducting security reviews and risk analysis as part of the change management process for infrastructure changes including but not limited to network changes, firewall reviews, security group reviews etc.
  • You will be responsible for incorporating different aspects of vulnerability scanning into SDLC such as network scans, OS scans, container scans etc.
  • and tracking the issues to remediation.

  • You will work with other team members to safely introduce dynamic code analysis tools.
  • You will participate in Incident Response when appropriate.
  • Minimum qualifications :

  • BS degree in Computer Science or equivalent with 7+ years of secure software development experience.
  • Hands-on experience with build systems and dependency systems for multiple languages including Golang, Java, C++, Javascript, Python etc.
  • Hands on experience with computer programming languages Golang, C++
  • Strong experience on risk management requirements associated with different compliance frameworks including but not limited to PCI, SOC-2, ISO 27001 etc.
  • Good understanding of Docker container building process.
  • Experience with vulnerability management systems like Snyk, Whitesource, Trivy, Dependency-check, Nancy etc.
  • Experience with SAST tools like Coverity, FindSecBugs, Fortify, Veracode, etc.
  • Familiarity with microservices architecture, Docker and Kubernetes.
  • Good understanding of complexities and security challenges in large-scale distributed systems.
  • Self-motivated and willing to delve into new areas and take on new challenges in an enthusiastic manner.
  • Excellent written and verbal communication skills.
  • Strong interpersonal, team building, and mentoring skills.
  • LI-EP1, #LI-Remote

    The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

    Please note that F5 only contacts candidates through F5 email address (ending with f5.com) or auto email notification from Yello / Workday (ending with f5.

    com or myworkday.com) .

    Equal Employment Opportunity

    It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws.

    This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination.

    F5 offers a variety of reasonable for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job.

    Request by contacting accommodations f5.com

    Reportar esta oferta
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Inscribirse
    Mi Correo Electrónico
    Al hacer clic en la opción "Continuar", doy mi consentimiento para que neuvoo procese mis datos de conformidad con lo establecido en su Política de privacidad . Puedo darme de baja o retirar mi autorización en cualquier momento.
    Continuar
    Formulario de postulación