F5
Overview
Senior Architect – Application Security role at F5. F5 is seeking a Senior Architect for Application Security to lead technical strategy and architecture across its entire security portfolio, including WAF, WAAP, DDoS mitigation, Bot Defense, API Security, TLS inspection, and identity-aware access. This role drives the evolution of F5’s security services across SaaS, hardware, and cloud-native platforms, ensuring they are integrated, scalable, and secure-by-design. Responsibilities
Define the cross-portfolio application security architecture strategy, covering hardware, software, and cloud-native solutions, and align it to F5’s long-term business and technology vision. Establish architectural principles, patterns, and roadmaps that guide how WAF, WAAP, API security, DDoS, identity, client-side protection, and related capabilities are designed, integrated, and delivered. Lead architectural modernization efforts to evolve monolithic or appliance-based capabilities into composable, API-driven services within a SaaS-native security control plane. Influence the security posture and innovation roadmap across F5 Distributed Cloud Services, BIG-IP, NGINX, and future platform initiatives. Champion architectural governance and threat modeling across teams to ensure scalability, observability, resiliency, and secure-by-default practices are institutionalized. Drive cross-functional alignment across product, engineering, SRE, and infrastructure teams to ensure seamless and secure user experiences across hybrid, multicloud, and edge deployments. Mentor a community of senior architects and engineers, raising the bar for application security talent across the company. Represent F5’s technical vision in customer briefings, industry forums, regulatory discussions, and analyst engagements, serving as a technical ambassador for application security innovation. Job Duties and Responsibilities
Design and validate architecture for WAAP services, distributed DDoS protection layers, advanced bot mitigation pipelines, client fingerprinting, fraud prevention engines, and access-aware enforcement controls. Develop and evangelize reusable security frameworks and patterns across the product portfolio. Collaborate with detection teams and data scientists to integrate machine learning, heuristics, and behavior analysis engines into runtime defense systems. Define telemetry, feedback loops, and attack modeling infrastructure to continuously improve detection fidelity and response agility. Work across organizational boundaries to ensure integration of security across the portfolio. Guide compliance, privacy, and regulatory alignment by ensuring architecture supports evolving standards such as FIPS, FedRAMP, NIST CSF, ISO 27001, GDPR, and OWASP. Drive architectural reviews, design validations, and threat models to ensure operational, security, and scalability concerns are addressed early. Planning, tracking and scheduling software deliverables. Skills and Qualifications
12+ years of experience in software and security architecture roles, with at least 5 years focused specifically on application-layer security. Proven track record architecting complex security systems in domains such as WAAP, API security, DDoS mitigation, bot protection, and malware detection. Deep understanding of L7 protocols (HTTP/2, HTTP/3, WebSockets, gRPC) and application security standards (OWASP Top 10, NIST, MITRE ATT&CK). Strong technical understanding of TLS, certificate management, identity and access protocols (OAuth2, OIDC, SAML), and secure session management. Familiarity with zero trust architectures, policy-as-code, multi-tenant SaaS designs, and runtime enforcement in container-based platforms (Kubernetes, Istio, Envoy). Demonstrated ability to set architectural strategy across product boundaries and influence senior engineering and product leadership. Experience designing and implementing distributed cloud solutions at scale. Understanding of containers and orchestration technologies. Broad understanding of coding and programming languages. Extensive knowledge of the software development process and corresponding technologies. Excellent understanding of design patterns and architectural styles. Proficient knowledge of the operation and development designs of agile software. Strong soft skills, including attention to detail, problem-solving and communication skills. Compensation and Benefits
The annual base pay for this position is: $261,600.00 - $392,400.00. You may also be offered incentive compensation, bonus, restricted stock units, and benefits. More details about F5’s benefits can be found at the following link: https://www.f5.com/company/careers/benefits. F5 reserves the right to change or terminate any benefit plan without notice. Equal Employment Opportunity
It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.
#J-18808-Ljbffr
Senior Architect – Application Security role at F5. F5 is seeking a Senior Architect for Application Security to lead technical strategy and architecture across its entire security portfolio, including WAF, WAAP, DDoS mitigation, Bot Defense, API Security, TLS inspection, and identity-aware access. This role drives the evolution of F5’s security services across SaaS, hardware, and cloud-native platforms, ensuring they are integrated, scalable, and secure-by-design. Responsibilities
Define the cross-portfolio application security architecture strategy, covering hardware, software, and cloud-native solutions, and align it to F5’s long-term business and technology vision. Establish architectural principles, patterns, and roadmaps that guide how WAF, WAAP, API security, DDoS, identity, client-side protection, and related capabilities are designed, integrated, and delivered. Lead architectural modernization efforts to evolve monolithic or appliance-based capabilities into composable, API-driven services within a SaaS-native security control plane. Influence the security posture and innovation roadmap across F5 Distributed Cloud Services, BIG-IP, NGINX, and future platform initiatives. Champion architectural governance and threat modeling across teams to ensure scalability, observability, resiliency, and secure-by-default practices are institutionalized. Drive cross-functional alignment across product, engineering, SRE, and infrastructure teams to ensure seamless and secure user experiences across hybrid, multicloud, and edge deployments. Mentor a community of senior architects and engineers, raising the bar for application security talent across the company. Represent F5’s technical vision in customer briefings, industry forums, regulatory discussions, and analyst engagements, serving as a technical ambassador for application security innovation. Job Duties and Responsibilities
Design and validate architecture for WAAP services, distributed DDoS protection layers, advanced bot mitigation pipelines, client fingerprinting, fraud prevention engines, and access-aware enforcement controls. Develop and evangelize reusable security frameworks and patterns across the product portfolio. Collaborate with detection teams and data scientists to integrate machine learning, heuristics, and behavior analysis engines into runtime defense systems. Define telemetry, feedback loops, and attack modeling infrastructure to continuously improve detection fidelity and response agility. Work across organizational boundaries to ensure integration of security across the portfolio. Guide compliance, privacy, and regulatory alignment by ensuring architecture supports evolving standards such as FIPS, FedRAMP, NIST CSF, ISO 27001, GDPR, and OWASP. Drive architectural reviews, design validations, and threat models to ensure operational, security, and scalability concerns are addressed early. Planning, tracking and scheduling software deliverables. Skills and Qualifications
12+ years of experience in software and security architecture roles, with at least 5 years focused specifically on application-layer security. Proven track record architecting complex security systems in domains such as WAAP, API security, DDoS mitigation, bot protection, and malware detection. Deep understanding of L7 protocols (HTTP/2, HTTP/3, WebSockets, gRPC) and application security standards (OWASP Top 10, NIST, MITRE ATT&CK). Strong technical understanding of TLS, certificate management, identity and access protocols (OAuth2, OIDC, SAML), and secure session management. Familiarity with zero trust architectures, policy-as-code, multi-tenant SaaS designs, and runtime enforcement in container-based platforms (Kubernetes, Istio, Envoy). Demonstrated ability to set architectural strategy across product boundaries and influence senior engineering and product leadership. Experience designing and implementing distributed cloud solutions at scale. Understanding of containers and orchestration technologies. Broad understanding of coding and programming languages. Extensive knowledge of the software development process and corresponding technologies. Excellent understanding of design patterns and architectural styles. Proficient knowledge of the operation and development designs of agile software. Strong soft skills, including attention to detail, problem-solving and communication skills. Compensation and Benefits
The annual base pay for this position is: $261,600.00 - $392,400.00. You may also be offered incentive compensation, bonus, restricted stock units, and benefits. More details about F5’s benefits can be found at the following link: https://www.f5.com/company/careers/benefits. F5 reserves the right to change or terminate any benefit plan without notice. Equal Employment Opportunity
It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.
#J-18808-Ljbffr