F5
Join to apply for the Principal Enterprise Security Engineer role at F5.
At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.
Location: Remote Reports To: VP of Infrastructure and Security Department: Infrastructure and Security
About the Role We are seeking a seasoned Principal Enterprise Security Engineer to design, implement, and manage enterprise‑wide security solutions. You'll shape our security strategy across endpoint protection, network, SaaS, IAM, and observability, while aligning to NIST and CIS standards. This role reports to the Head of Enterprise Security, with close collaboration with the CISO, CISO staff, and cross‑functional teams.
Key Responsibilities
Security Architecture & Governance
Architect enterprise security solutions across endpoints (EDR/XDR), networks, SaaS, and identity/infrastructure.
Ensure compliance with NIST SP800-53, CIS benchmarks, and FedRAMP (Low/Moderate/High) standards.
Design for DoD Impact Levels IL‑4 and IL‑5 environments, integrating enhanced controls beyond FedRAMP High
IAM & Access Management
Implement and manage IAM frameworks: RBAC, MFA, SAML, OAuth, SCIM.
Regularly review and optimize privilege configurations.
Endpoint & Network Security
Deploy and manage endpoint security tools (e.g., CrowdStrike, SentinelOne).
Define network security strategies including firewalls (e.g., Palo Alto), micro‑segmentation, VPNs.
Develop and maintain device health assessments and dashboards leveraging device telemetry from enterprise security tooling.
Configure and maintain Data Loss Prevention (DLP) tooling & policies.
Support security deployments and configurations across multiple operating systems - Windows 10/11, macOS, Window Server, RHEL, Oracle, CentOS
Experience with Security Service Edge and Software‑Defined Perimeter enables ZTNA solutions such as NetSCOPE, Zscaler, and PAN
SaaS Security & Cloud Compliance
Secure SaaS applications using SSPM tools and integrate them into governance frameworks.
Maintain compliance evidence for FedRAMP/DoD IL audits and ATO packages
Incident Response & Threat Intelligence
Lead incident response efforts: detection, triage, investigation, mitigation, and post‑mortems.
Coordinate with threat intel teams to feed strategic threat insights into detection logic and tools.
Vulnerability Management & Observability
Own vulnerability scanning, CVE tracking, patch‑rollout, and POA&M development.
Build and tune observability systems (SIEM, EDR, logging, telemetry) to support security posture.
Automation & Scripting
Automate security workflows using Python, PowerShell, Bash, or similar languages.
Integrate automation into tooling for reporting, incident response, compliance, detection, and remediation.
Collaboration & Communication
Collaborate with the CISO and staff to align security initiatives with organizational strategy.
Communicate technical concepts clearly to leadership, compliance, legal, and engineering teams.
Develop and deliver security training and awareness for teams across the enterprise.
Qualifications & Experience
Education: Bachelor’s degree in cybersecurity, computer science, engineering—or equivalent years of corporate security/SOC experience.
Experience: 7+ years in enterprise or cloud security with hands‑on background in IAM, endpoint/network/SaaS security, incident management, vulnerability management, and log analytics.
Compliance Know‑How:
Solid understanding of FedRAMP security controls and audit frameworks.
Experience with DoD IL‑4/IL‑5 programs—understand added encryption, personnel restrictions, and control overlays Technical Skills:
Proficiency with tools like CrowdStrike, Palo Alto, F5, Splunk/ELK, and IAM platforms (Okta, Entra ID, etc.).
Strong scripting/automation using Python, PowerShell, Bash, etc.
Security Frameworks: NIST SP800‑53/171, CIS Benchmarks, FedRAMP, DoD CC SRG.
Soft Skills: Strong verbal and written communication; ability to convey complex topics to executives; experience working with stakeholders across multiple time zones.
Nice to have experience with F5 BigIP LTM
Personality Traits: Strategic thinker, collaborative, proactive, with the ability to thrive in fast‑moving environments.
Compensation The annual base pay for this position is: $152,000.00 - $228,000.00.
Benefits More details about F5’s benefits can be found at: https://www.f5.com/company/careers/benefits.
Equal Employment Opportunity It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.
#J-18808-Ljbffr
At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.
Location: Remote Reports To: VP of Infrastructure and Security Department: Infrastructure and Security
About the Role We are seeking a seasoned Principal Enterprise Security Engineer to design, implement, and manage enterprise‑wide security solutions. You'll shape our security strategy across endpoint protection, network, SaaS, IAM, and observability, while aligning to NIST and CIS standards. This role reports to the Head of Enterprise Security, with close collaboration with the CISO, CISO staff, and cross‑functional teams.
Key Responsibilities
Security Architecture & Governance
Architect enterprise security solutions across endpoints (EDR/XDR), networks, SaaS, and identity/infrastructure.
Ensure compliance with NIST SP800-53, CIS benchmarks, and FedRAMP (Low/Moderate/High) standards.
Design for DoD Impact Levels IL‑4 and IL‑5 environments, integrating enhanced controls beyond FedRAMP High
IAM & Access Management
Implement and manage IAM frameworks: RBAC, MFA, SAML, OAuth, SCIM.
Regularly review and optimize privilege configurations.
Endpoint & Network Security
Deploy and manage endpoint security tools (e.g., CrowdStrike, SentinelOne).
Define network security strategies including firewalls (e.g., Palo Alto), micro‑segmentation, VPNs.
Develop and maintain device health assessments and dashboards leveraging device telemetry from enterprise security tooling.
Configure and maintain Data Loss Prevention (DLP) tooling & policies.
Support security deployments and configurations across multiple operating systems - Windows 10/11, macOS, Window Server, RHEL, Oracle, CentOS
Experience with Security Service Edge and Software‑Defined Perimeter enables ZTNA solutions such as NetSCOPE, Zscaler, and PAN
SaaS Security & Cloud Compliance
Secure SaaS applications using SSPM tools and integrate them into governance frameworks.
Maintain compliance evidence for FedRAMP/DoD IL audits and ATO packages
Incident Response & Threat Intelligence
Lead incident response efforts: detection, triage, investigation, mitigation, and post‑mortems.
Coordinate with threat intel teams to feed strategic threat insights into detection logic and tools.
Vulnerability Management & Observability
Own vulnerability scanning, CVE tracking, patch‑rollout, and POA&M development.
Build and tune observability systems (SIEM, EDR, logging, telemetry) to support security posture.
Automation & Scripting
Automate security workflows using Python, PowerShell, Bash, or similar languages.
Integrate automation into tooling for reporting, incident response, compliance, detection, and remediation.
Collaboration & Communication
Collaborate with the CISO and staff to align security initiatives with organizational strategy.
Communicate technical concepts clearly to leadership, compliance, legal, and engineering teams.
Develop and deliver security training and awareness for teams across the enterprise.
Qualifications & Experience
Education: Bachelor’s degree in cybersecurity, computer science, engineering—or equivalent years of corporate security/SOC experience.
Experience: 7+ years in enterprise or cloud security with hands‑on background in IAM, endpoint/network/SaaS security, incident management, vulnerability management, and log analytics.
Compliance Know‑How:
Solid understanding of FedRAMP security controls and audit frameworks.
Experience with DoD IL‑4/IL‑5 programs—understand added encryption, personnel restrictions, and control overlays Technical Skills:
Proficiency with tools like CrowdStrike, Palo Alto, F5, Splunk/ELK, and IAM platforms (Okta, Entra ID, etc.).
Strong scripting/automation using Python, PowerShell, Bash, etc.
Security Frameworks: NIST SP800‑53/171, CIS Benchmarks, FedRAMP, DoD CC SRG.
Soft Skills: Strong verbal and written communication; ability to convey complex topics to executives; experience working with stakeholders across multiple time zones.
Nice to have experience with F5 BigIP LTM
Personality Traits: Strategic thinker, collaborative, proactive, with the ability to thrive in fast‑moving environments.
Compensation The annual base pay for this position is: $152,000.00 - $228,000.00.
Benefits More details about F5’s benefits can be found at: https://www.f5.com/company/careers/benefits.
Equal Employment Opportunity It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.
#J-18808-Ljbffr