L2 F5 Application Security Engineer – Edge Protection
- الرياض
- دائم
- دوام كامل
The L2 F5 Application Security Engineer provides day-to-day operational support, monitoring, and maintenance for the full Edge Protection tool-set mandated by SAMA: F5 BIG-IP (Access Policy Manager, Web Application Firewall, Local & Global Traffic Manager) and Infoblox DNS Security (MANDATORY). The role ensures high availability, policy compliance, and prompt incident response for all edge-security platforms, escalating complex issues to the L3 F5 team. Success is measured by swift ticket resolution, precise change execution, and strict adherence to SAMA/NCA controls.Key Responsibilities:Operational Support & Monitoring
- Continuously monitor F5 APM, ASM/WAF, LTM, GTM and Infoblox DNS grids for health, performance, and security events.
- Respond to alerts and service-desk tickets within SLA; perform first-pass diagnosis and fix routine issues.
- Implement approved configuration changes: access policies, iRules, WAF policies, DNS RPZ rules, IPAM updates, and GTM load-balancing pools.
- Apply software patches, hot-fixes, and signature updates under change-management guidelines.
- Investigate connectivity, authentication, or DNS anomalies; capture logs, packet traces, and ASM violation details.
- Escalate unresolved or systemic issues to the L3 engineer with clear documentation of findings and attempted fixes.
- Generate daily/weekly health-check reports and edge-security KPI dashboards aligned to SAMA CSF IAM-01 / NET-02 requirements.
- Ensure all changes, incidents, and maintenance tasks are fully documented in ServiceNow.
- Coordinate with network, application, and SOC teams during deployments or incident bridges.
- Maintain and improve runbooks, SOPs, and knowledge-base articles; deliver informal training sessions to L1 analysts.
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity or related field.
- 3–5 years hands-on experience supporting F5 BIG-IP modules (minimum APM and ASM/WAF) and Infoblox DNS Security in production.
- Solid understanding of TCP/IP, HTTP/S, SSL/TLS, DNS, and authentication protocols (SAML, OAuth).
- Experience with ServiceNow (or similar ITSM), basic shell/CLI troubleshooting, and log analysis tools.
- Working knowledge of SAMA Cybersecurity Framework or NCA ECC controls for edge security.
- F5 Certified Administrator (302) or F5 CTS (APM or ASM).
- Infoblox Certified DNS Administrator / Security Expert.
- ITIL Foundation, CompTIA Security+, or equivalent security credential.
- Scripting (Python/TCL/bash) for automation of routine tasks.
- Familiarity with load-balancer traffic policies, iRules/LTM policies, and DNSSEC principles.
- Full-time on-site role (Sunday–Thursday), 9×5 support with participation in an on-call rota for critical escalations.
- Occasional evening or weekend work during planned maintenance windows.
- Collaborative, fast-paced environment interfacing with network, application, SOC, and compliance teams.