At F5, we make apps faster, smarter, and safer. Come work within the security
threat research group in an exciting, fast paced environment. Our team is
performing the analysis of the latest security threats, detection and
mitigation of our security solutions, as well as pen testing of F5 products.
The team works in an intensive environment, and is constantly updated with the
latest modern technologies. Come and join the best in their field!
Position Summary
Being a part of a highly experienced Security Research team, while
specializing in web vulnerabilities analysis, threat intelligence and Honeynet
projects. The team is handling the research of vulnerabilities and malware,
evolving threats analysis, development and updates of attack signatures and
product-hacking.
Responsibilities
* Research of web frameworks and servers to understand the emerging threats.
* Analysis of newly published web application vulnerabilities and their reproduction.
* Specializing in WAF evasions and trying to bypass our technology before the hackers do.
* Innovating by building proof of concept solutions for sophisticated threats, as well as ongoing development of attack signatures — working together with the development teams to improve the WAF product based on the gathered research.
* Mining WebSec related intelligence from blogs, forums, conferences and academy papers.
* Developing attack-analysis tools and research infrastructure.
* Publishing blogs and reports.
Qualifications:
* 2 years experience or more in web exploitation or real web attacks analysis.
* Strong understanding of internals of general networking, HTTP protocol, web servers and web applications — a must.
* Experience in monitoring web vulnerabilities as they come out.
* Experience in developing research infrastructure and tools in Python.
* Low-level understanding of security principles, theories and known attack vectors.
* Advantage: Hands-on experience in attack signatures crafting (e.g. SNORT).
* Experience in binary malware and analysis of malicious scripts – Advantage.
* Experience in web development (front/back end) – Advantage.
The Job Description is intended to be a general representation of the
responsibilities and requirements of the job. However, the description may not
be all-inclusive, and responsibilities and requirements are subject to
change.Phishing Alert
Please note that F5 only contacts candidates through F5 email address (ending
with @f5.com) or auto email notification from Yello/Workday (ending with
f5.com or @myworkday.com).
Equal Employment Opportunity
It is the policy of F5 to provide equal employment opportunities to all
employees and employment applicants without regard to unlawful considerations
of race, religion, color, national origin, sex, sexual orientation, gender
identity or expression, age, sensory, physical, or mental disability,marital
status, veteran or military status, genetic information, or any other
classification protected by applicable local, state, or federal laws.This
policy applies to all aspects of employment, including, but not limited to,
hiring, job assignment, compensation, promotion, benefits, training,
discipline, and termination. Reasonable accommodation is available for
qualified individuals with disabilities, upon request.