At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. 
 

Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

Job Description

Join a high-impact security teamleveragingadvanced technologies and best practices to safeguard F5’s enterprise and product environments. As aSecurity Engineer III, you will play a key role in handling sophisticated security incidents, performing deep-dive investigations, and supporting incident response efforts. You will serve as an escalation point for SOC L1/L2 analysts while driving improvements in detection capabilities, response processes, and overall security posture.

Key Responsibilities

• Lead and manage complex security incidents, including malware outbreaks, insider threats, APTs, and data exfiltration events

  
  

• Perform root cause analysis (RCA) and recommend remediation strategies

  
  

• Collaborate with IT, DevOps, and business teams during incident response activities

  
  

• Design, tune, andoptimizeSIEM use cases and detection rules

  
  

• Enhance alert quality by reducing false positives and improving detection accuracy

  
  

• Implement automation through SOAR platforms

  
  

• Act as the final escalation point for L1 and L2 SOC analysts

  
  

• Mentor junior analysts and provide technical leadership

  
  

• Develop andmaintainsecurity runbooks, documentation, and incident response playbooks

  
  

• Prepare detailed incident reports and executive summaries

  
  

• Conduct post-incident reviews andfacilitatelessons learned sessions

  
  

• Adhere to F5 information security policies to protect organizational assets

  
  

• Performadditionalresponsibilities as needed while embodying F5 corebehaviors.

  
  

Required Skills & Experience

• 7+ years of experience in SOC or cybersecurity, with strong incident response and L3 SOCexpertise

  
  

• Deep knowledge of SIEM platforms and EDR/XDR tools (e.g., Microsoft Defender, CrowdStrike)

  
  

• Strong skills in log analysis and scripting (Python, PowerShell, Bash)

  
  

• Experience in cloud security (Azure, AWS, GCP) and identity security (Active Directory, Azure AD)

  
  

• Ability to perform effectively under pressure during high-severity incidents

  
  

• Excellent communication, reporting, and documentation skills

  
  

• Strong analytical thinking and problem-solving abilities

  
  

Preferred Qualifications

• Certifications such as CEH, ECSA, GCIH (SANS), or equivalent

  
  

• Experience with ServiceNow, Azure DevOps (ADO), or similar case management tools

  
  

• Strong collaboration and interpersonal skills

  
  

• Demonstrated ability to lead and mentor junior team members

  
  

• Ability to present technical findings and recommendations to leadership clearly

  
  

Work Environment

• Full-time role with potential shift flexibility

  
  

• Participation in a shared on-call rotation, including early mornings, evenings, weekends, and holidays

  
  

• Primarily desk-based work with remote collaboration across global teams

  
  

The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com).

Equal Employment Opportunity

It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination.  F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting [email protected].