Senior Vulnerability Engineer

About The Position

Requirements

• Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent experience).
• 5+ years of experience in vulnerability management and risk analysis, 3+ years preferred in Security Engineering.
• Hands-on expertise with scanning tools such as Tenable Nessus, Qualys, or Rapid7 and other Application Security Testing Tools.
• Familiarity with security frameworks (NIST CSF, CIS benchmarks) and compliance processes.
• Proficiency in Tableau for building KPI/KRI dashboards and data visualization.
• Strong understanding of CVEs, threat intelligence, and vulnerability remediation strategies.
• Excellent communication and collaboration skills to work across technical and business teams.
• Experience with CI/CD tools, Application Security Testing tools and test automation tools.

Responsibilities

• Perform regular vulnerability scanning of F5 networks, systems, and applications using approved tools (e.g., SAST, DAST, SCA, Tenable Nessus, Qualys and other Application Security Testing Tools).
• Analyze scan results to identify threats, misconfigurations, and weaknesses across F5 environments.
• Embodies subject matter expert on security-engineering matters, providing guidance and recommendations to IT teams and senior leadership.
• Collaborates with senior leadership to develop and maintain the organization's security strategy and roadmap, aligning security objectives with business goals and priorities
• Identify and validate security risk findings, assess severity, identify root cause, and risk impact ensuring elimination of false positives.
• Prioritize vulnerabilities based on F5 risk models, mission impact, and threat intelligence to and verify closure of vulnerabilities.
• Prepare detailed vulnerability and risk reports for stakeholders, including engineering teams and OCISO.
• Develop and maintain KPI and KRI dashboards to track remediation performance and risk trends.
• Provide technical recommendations to reduce exposure and strengthen defenses.
• Ensure adherence to F5 security policies and frameworks such as NIST CSF and CIS benchmarks.
• Identify key areas of automation within Vulnerability Assessment services and integrate them into existing automated tools ensuring consistent results are obtained.
• Support continuous monitoring and risk assessments within F5's governance model.
• Refine vulnerability management procedures, SOPs, and scanning schedules.
• Stay current with emerging threats, CVEs, and security advisories relevant to F5's technology stack.

Benefits

• You may also be offered incentive compensation, bonus, restricted stock units, and benefits.
• More details about F5's benefits can be found at the following link: https://www.f5.com/company/careers/benefits .
• F5 reserves the right to change or terminate any benefit plan without notice.