F5 Web Application Firewall (WAF) Engineer
Why This Role Stands Out
Elevate your career as an F5 WAF Engineer by designing, deploying, and automating advanced security protections for enterprise applications, offering significant growth and impact. This hybrid role is ideal for mid-senior engineers passionate about security, automation, and developing cutting-edge WAF solutions, providing a fantastic opportunity to hone your skills in a dynamic environment. Apply now to join a leading company and make a tangible difference in cybersecurity.
Quick Overview
Job Description
- Design, configure, and deploy F5 BIG-IP Advanced WAF policies for web and API applications
- Implement security protections including OWASP Top 10, Bot Defense, Behavioral DoS, Positive Security Models, and API Security
- Develop Python automation for WAF policy deployment, log analysis, configuration drift detection, and attack correlation
- Build automation using iControl REST, AS3, Declarative Onboarding (DO), and CI/CD pipelines
- Develop Terraform/Ansible modules and GitOps workflows for Infrastructure as Code (IaC)
- Create and maintain iRules and iRulesLX for custom traffic management
- Perform WAF tuning, false-positive reduction, incident response support, and security monitoring
- Deliver architecture documentation, operational runbooks, and knowledge transfer sessions
- Design, configure, and deploy WAF policies for web and API applications.
- Implement protections including signature-based detection, positive security models, bot defense, behavioral DoS, and API schema enforcement.
- Configure SSL/TLS profiles, certificates, and secure cipher suites.
- Develop and maintain iRules and iRulesLX for custom traffic logic.
- Develop Python-based automation for policy deployment, configuration drift detection, log parsing, and attack correlation.
- Integrate automation with iControl REST, AS3, DO, and CI/CD pipelines.
- Build internal CLI tools or microservices to streamline WAF operations.
- Develop Terraform or Ansible modules for F5 deployments.
- Convert manual configurations into AS3/DO declarative templates.
- Implement GitOps workflows for WAF lifecycle management.
- Perform continuous tuning to reduce false positives.
- Conduct threat analysis, log review, and attack pattern correlation.
- Support incident response teams during active security events.
- Provide recommendations to improve application security posture.
- Deliver runbooks, architecture diagrams, and operational procedures.
- Conduct training sessions for internal teams.
- Maintain detailed change logs and configuration documentation.
- Enterprise WAF baseline policy package.
- Python automation toolkit for policy lifecycle management.
- AS3/DO declarative templates for standardized deployments.
- CI/CD integration pipelines for automated configuration.
- Bot mitigation and DoS protection configurations.
- API security enforcement profiles.
- Architecture diagrams and deployment models.
- Operational runbooks for WAF and automation workflows.
- Weekly or bi-weekly status reports.
- Final project summary and knowledge-transfer documentation.
- 5+ years of experience with F5 BIG-IP, including LTM and ASM/Advanced WAF.
- Strong Python 3.x development skills.
- Experience with iControl REST, iRules, iRulesLX, AS3, DO, and TS.
- Deep understanding of OWASP Top 10, API Top 10, HTTP/HTTPS, and TLS/SSL.
- Experience integrating WAF controls into CI/CD pipelines.
- Familiarity with Terraform, Ansible, or similar IaC tools.
- F5 certifications such as F5-CA or F5-CTS.
- Experience in regulated industries such as financial services or healthcare.
- Experience with cloud WAF capabilities across AWS, Azure, or Google Cloud Platform.
- Strong communication and documentation capabilities.
- Ability to work independently with minimal supervision.
- Demonstrated cross-functional collaboration experience.
Similar jobs
Harness Engineering Specialist (Starshield)
SpaceX · Hawthorne, United States
13 minutes agoSupplier Development Engineer, Hardware & Fasteners (Starship)
SpaceX · Hawthorne, United States
13 minutes ago$100k - $117.5k/yrTHAAD DevSecOps Engineer Staff
Lockheed Martin Corporation · Huntsville, United States
13 minutes ago$113.9k - $200.9k/yrTech Refresh Engineering Project Manager
Lockheed Martin Corporation · Colorado Springs, United States
13 minutes ago$128.4k - $226.4k/yrDev Sec Ops Engineer Staff (Top Secret)
Lockheed Martin Corporation · King of Prussia, United States
13 minutes ago$118.7k - $209.3k/yrThermal Analysis Engineer (Mechanical Engineer II)
Lockheed Martin Corporation · Sunnyvale, United States
13 minutes ago$70.1k - $123.6k/yr