Principal Engineer, Software
Bengaluru (Non-SEZ)
F5
F5 application services ensure that applications are always secure and perform the way they should—in any environment and on any device.At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.
About the F5 Platform Security Team
The Platform Security team is responsible for the ensuring the products F5 builds are a secure as we can make them. We provide services and support to F5 development teams in all phases of the Secure Development Lifecycle – from design time security and threat analysis, to best development practices training, to security testing and certifications, to vulnerability response and management.
Position Summary
This position is responsible for Security Software development Lifecycle (SDLC) and implementation of complete software components related to the security certifications features of the BIG-IP. Performs Security Design reviews and Threat Model Assessments for complex security products and components. Requires little direct management to complete the majority of tasks.
Primary Responsibilities
Research, design and support the implementation of platform security solutions for the organization.
Articulate Security Analysis findings and provide remediation strategies as well as Security Threat Modelling.
Develop processes, architecture, and tools for securing the products.
Document security standards, solutions, data flows, procedures, and other technical information as directed.
Provides expert technical advice to technical staff within the appropriate technical discipline.
Operate independently determine and develop approach to security solutions under limited direction.
Evaluate and apply mature technologies to meet current or emerging business needs.
Performs other related duties as assigned.
The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.
Knowledge, Skills, and Abilities
Graduate/Masters in computer science with a minimum of 10+ years of software development experience in C/C++ is a plus
Experienced in DevSecOps, Secure design & development and application security
Strong Knowledge on security standards such as OWASP, WASC, SANS etc.
Experience with system Vulnerability assessment, Network Penetration Testing, Threat modelling, DDOS mitigation.
Very good Hands-On Experience in at-least one of the automated web application vulnerability scanners like AppScan, Webinspect, Accunetix, Burpsuite Pro etc.
Very good Hands-On Experience in at-least one of the Penetration Testing tools like - Aircrack-ng, Wireshark, Nmap, Metasploit etc
Strong knowledge on Static Code Analyzers like Fortify, Sonarqube, Checkmarx etc.
Have detailed Knowledge of common Web application attack vectors such as SQL injection, CSRF, XSS, Session Management issues, Direct Object reference, Click-jacking, Buffer-overflows, etc
Experience developing and delivering Security Trainings, Tech Talks and Presentations to the Developers and Security Champions is a plus
Qualifications
Typically requires a minimum of 10+ years of related experience with a Bachelor’s degree; or 8 years and a Master’s degree; or a PhD without experience; or equivalent work experience.
The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.
Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com).
Equal Employment Opportunity
It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Aircrack Application security Burp Suite C Checkmarx Computer Science CSRF DDoS DevSecOps Metasploit Nmap OWASP Pentesting PhD SANS SDLC Security analysis SonarQube SQL SQL injection XSS
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open PowerShell-related jobs