Technical Management Professional

Why this job matters

The role holder will be responsible for the creation, deployment and management of the F5 Application Security Manager (AWAF/ASM) security policies, in a busy and critical environment.
 
The role holder will work in a team lead by AWAF/ASM specialists, working closely with customer security and architecture teams to understand and assimilate customer requirements accurately into F5 WAF policies, critical in the protection of customer business applications.

Working with a customer led Security Policy Forum, representing BT you will provide technical input into the forum, helping to differentiate between business legitimate access requests and unauthorised / unrequired access attempts 
 
The role holder will use their experience in F5 and wider Security governance to assist the customer in the creation of optimal AWAF/ASM policies, whilst allowing their business to operate. 
The successful applicant will also contribute information relating to the latest global threats that need consideration into the customer forum. 

What you’ll be doing

    Translate the customer's Security policy requirements and accurately apply it to the F5 WAF. 
    Regular maintenance of the F5 AWAF/ASM, primarily installing of the latest F5 AWAF/ASM signatures. 
    BIG-IP AWAF/ASM deployment automation via iControl/REST APIs
    Valued technical contribution into the customer forum, to assist the customer in creating an AWAF/ASM Security policy that maintains both Security and Operational availability.
    Working with Automation and orchestration toolchain- F5 AS3
    Creating and deploying WAF policies using BIG-IQ
    Continual review of device log files to identify access attempts both business critical and malicious, unrequired. 
    Resolution of PI & P2 incident tickets that may arise from business traffic that is denied by AWAF/ASM Security policy 
    Experience with F5 LTM and Specialising in F5 AWAF/ASM 
    Security Threat and Vulnerability management background 
    Application language framework awareness JSON, REST, JavaScript 
    Modern Application Development background is advantageous. 
    Good level of understanding of application layer attacks CSRF Attack, SQL injection, Cross Site Scripting and others 
    Scripting/Programming languages advantageous — Perl, Python, Bash scripts, PowerShell 
    Multi operating system experience — Unix/Linux, Windows 
    Log management tool experience — Running simple or complex regex searches and performing log extractions etc. 
    The individual is expected to aggressively drive, facilitate and lead the technical resolution of complex and highly visible 
    technology incidents - ensuring maximum system availability 
    Provide prompt periodic progress updates to the appropriate parties until detection of the root cause and issue closure of any incident. 
    Responsible for the complete process adherence and handling of critical incidents according to SLAs. 
    Needs to provide technical assistance for in-time and quality implementation of connecting, global, customer's LANs (Local Area Networks) together via the different available WANs (Wide Area Networks) in direct co-operation with System Engineering and Project Management. 
    Needs to maintain close relations with third parties, like vendors, to be able to monitor progress of reported problems, known caveats, newly available features, software upgrades and hardware products. This to be able to foresee possible conflicts and improvements to operational services. 
    Take part in regular service conference calls with Service Account Management, to advise customer on possible design issues following network growth and changed user requirements. 

Skils

    Experience in administering WAF policies at enterprise level.
    Minimum 3 years of experience in threat modelling and detections using SEIM solutions (Splunk/Sentinel)
    F5 L TM & BIG-IQ Expert/ Administration 
    Networking and Software development principles 
    F5 AWAF/ASM Administration certification (EXAM 303 BIG-IP AWAF/ASM Specialist)
    BIG-IP Automation Toolchain utilises declarative onboarding (DO), Application Services 3 (AS3)

 
Additional skills and experiences

    Excellent understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms 
    Familiarity with MITRE ATT&CK®
    Experience with Web Application Firewall management and rules
    Excellent understanding of common network and web protocols
    Excellent understanding of DDoS techniques and mitigation mechanisms
    Application Logging: Configuring logging profiles, administration, working with commercial and open-source solutions such as Splunk.
    Strong Automation skills, Ansible, Chef, Jenkins, Puppet etc.
    Good understanding of Agile SDLC methodology