Note: The job is a remote job and is open to candidates in USA. Dice is seeking an F5 Web Application Firewall (WAF) Engineer to design, deploy, and operationalize F5 BIG-IP Advanced WAF protections across enterprise applications. The role involves implementing security measures, developing automation solutions, and providing documentation and training for internal teams.
Responsibilities
- Design, configure, and deploy F5 BIG-IP Advanced WAF policies for web and API applications
- Implement security protections including OWASP Top 10, Bot Defense, Behavioral DoS, Positive Security Models, and API Security
- Develop Python automation for WAF policy deployment, log analysis, configuration drift detection, and attack correlation
- Build automation using iControl REST, AS3, Declarative Onboarding (DO), and CI/CD pipelines
- Develop Terraform/Ansible modules and GitOps workflows for Infrastructure as Code (IaC)
- Create and maintain iRules and iRulesLX for custom traffic management
- Perform WAF tuning, false-positive reduction, incident response support, and security monitoring
- Deliver architecture documentation, operational runbooks, and knowledge transfer sessions
- Implement protections including signature-based detection, positive security models, bot defense, behavioral DoS, and API schema enforcement
- Configure SSL/TLS profiles, certificates, and secure cipher suites
- Develop and maintain iRules and iRulesLX for custom traffic logic
- Integrate automation with iControl REST, AS3, DO, and CI/CD pipelines
- Build internal CLI tools or microservices to streamline WAF operations
- Convert manual configurations into AS3/DO declarative templates
- Implement GitOps workflows for WAF lifecycle management
- Conduct threat analysis, log review, and attack pattern correlation
- Support incident response teams during active security events
- Provide recommendations to improve application security posture
- Deliver runbooks, architecture diagrams, and operational procedures
- Conduct training sessions for internal teams
- Maintain detailed change logs and configuration documentation
- Enterprise WAF baseline policy package
- Python automation toolkit for policy lifecycle management
- AS3/DO declarative templates for standardized deployments
- CI/CD integration pipelines for automated configuration
- Bot mitigation and DoS protection configurations
- API security enforcement profiles
- Architecture diagrams and deployment models
- Operational runbooks for WAF and automation workflows
- Weekly or bi-weekly status reports
- Final project summary and knowledge-transfer documentation
Skills
- 5+ years of experience with F5 BIG-IP, including LTM and ASM/Advanced WAF
- Strong Python 3.x development skills
- Experience with iControl REST, iRules, iRulesLX, AS3, DO, and TS
- Deep understanding of OWASP Top 10, API Top 10, HTTP/HTTPS, and TLS/SSL
- Experience integrating WAF controls into CI/CD pipelines
- Familiarity with Terraform, Ansible, or similar IaC tools
- F5 certifications such as F5-CA or F5-CTS
- Experience in regulated industries such as financial services or healthcare
- Experience with cloud WAF capabilities across AWS, Azure, or Google Cloud Platform
Company Overview