Job LevelNon Management
To serve as a subject matter expert in supporting F5 load balancers Big-IP Infrastructure which includes Local Traffic Manager (LTM), Global Traffic Manager (GTM), Application Security Manager (ASM), Advanced Firewall Manager (AFM), Application Acceleration Manager (AAM) and Access Policy Manager (APM).
To be responsible for ensuring the efficient and comprehensive resolution of network security incidents, problems, events and requests.
The ideal candidate will have practical knowledge of threat detection, intrusion prevention / detection techniques and attack vectors, coupled with experience with interaction between network and other technologies that include Linux OS, firewalls, Oracle, and virtualization pools.
Minimum Requirements of Job
- Bachelor of Science Computer Science/BCOM Informatics
- F5 relevant certification qualifications
- CCNP or higher (CCIE and/or CISSP highly valued)
- OSCP or eCPPT
- In-depth industry knowledge and understanding of F5 technologies, solutions and product offerings
- Hands on engineering knowledge on network security products such as Fortinet firewall, Cisco ASA appliances
- Ability to troubleshoot load balancing through use of tools such as Wireshark, TCP dumps, Fiddler
- Good working knowledge of the following routing and switching protocols - RIP, OSPF, BGP, EIGRP, all STP variants, HSRP or equivalent
- Practical working knowledge of the following protocols and technologies - IPsec VPN, TCP/IP, SSL, TLS, IDS / IPS, SSH, SNMP, NTP.
- Basic UNIX shell scripting skills (required for configuration and monitoring activities)
- Working knowledge of security frameworks or standards such as NIST, ISO 27001/2, PCI DSS, CIS Critical Security Controls
This role is geared toward someone who is self-motivated, enjoys helping others, needs a high degree of variety, can use technology and knowledge creatively, and gets energized by investigating and solving challenging problems
- Install, configure, and maintain F5 hardware, software, devices and appliances
- Responsible for all elements of DDOS protection, detection and alerting
- Investigate assigned support calls, and identify the root cause of incidents and problems
- Make use of various monitoring and surveillance toolsets including F5 to report on the health of the environment and engage both reactively and proactively to the alerts
- Configuring load balancing algorithms
- Configuring security rulesets
- Assist with technical issues, project management, design, analysis, and implementation of network solutions as needed
- Develop and execute mitigation plans for technical issues
- Prepare periodic maintenance plans and comply with change management procedures
- Maintain detailed knowledge of company network and technology standards
- Schedule and oversee preventative and remedial action as appropriate
- Ensure all network and security assets are included in security scans and penetration tests
- Handle all internal and external vulnerability notifications relating to network and network Security devices
- Automate baseline compliance checking wherever possible
- Solicit and action regular product announcements from vendors (Cisco, F5) regarding vulnerabilities
- Ensure compliance with all relevant security standards, configuration templates and audit responsibilities i.e. CIS Benchmarks, PCI, ISO