F5 Application Security Engineer

About The Position

Requirements

• Expertise with F5 solutions for application security, such as: Application Security Manager (ASM), Web Application Firewall (WAF) or Advanced Web Application Firewall (AWAF)
• Ability to defend against Open Web Application Security Project (OWASP) top 10
• General understanding of layer 2 & 3 network concepts, solutions, best practices and vendors
• Good business communication skills and ability to support technical documentation development
• Must have a desire to do meaningful work in support of American service members and be a part of a fun and professional work environment
• Meet and maintain criteria to qualify in DoD 8570/8140 CyberSecurity Workforce
• SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT, THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS, A U.S. GOVERNMENT SECURITY CLEARANCE AT THE TOP SECRET LEVEL

Nice To Haves

• Experience with application testing methods and tools such as Burp Suite is preferred
• Familiarity with Scaled Agile Framework (SAFe) or any Agile Methods is a bonus
• Prior work with Next Generation Firewalls (NGFW) is preferable
• Any previous work with Risk Management Framework (RMF) and NIST 800 controls is going to be helpful
• Experience with Python, Powershell and/or Ansible would be a plus

Responsibilities

• Designing, configuring, documenting, and implementing an Application Security Manager (ASM)/WAF, Local Traffic Manager (LTM), and Access Policy Manager (APM) enterprise solution supporting over 100 USMC applications
• Developing and/or updating and finalizing the ASM/WAF, LTM, and APM technical documentation
• Designing and documenting ASM/WAF log aggregation
• Designing and documenting ASM/WAF and Web Assessment tool integration
• Designing , configuring, documenting , and implementing an enterprise solution that would configure Cisco and Juniper network devices for a working solution that will transverse the entire Marine Corps network using the Demilitarized Zone's F5s
• Designing , configuring, testing, documenting , and deploying Single Sign On, Common Access Card (CAC) enabled, and Active Directory solutions using F5 solutions
• Providing design expertise to develop a network DMZ to host enterprise applications
• Migrates existing applications to the newly designed DMZ

Benefits

• SRC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with a company match, life insurance, vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually, 11 paid holidays, tuition reimbursement, and a work environment that encourages excellence and more.