L2 F5 Application Security Engineer – Edge Protection

This full-time on-site role in Riyadh, Saudi Arabia, requires an L2 F5 Application Security Engineer for Edge Protection. Working Sunday to Thursday with 9×5 support, this position also includes participation in an on-call rota for critical escalations and may involve occasional evening or weekend work during planned maintenance.

The L2 F5 Application Security Engineer is responsible for operational support, monitoring, and maintenance of the Edge Protection tool-set mandated by SAMA, including F5 BIG-IP (Access Policy Manager, Web Application Firewall, Local & Global Traffic Manager) and Infoblox DNS Security. The main objectives are to ensure high availability, policy compliance, and prompt incident response for all edge-security platforms while escalating complex issues to the L3 F5 team. Success will be measured by swift ticket resolution, precise change execution, and strict adherence to SAMA/NCA controls.

Key Responsibilities:

• Operational Support & Monitoring: Continuously monitor F5 APM, ASM/WAF, LTM, GTM, and Infoblox DNS grids for health, performance, and security events. Respond to alerts and service-desk tickets within SLA; perform first-pass diagnosis and fix routine issues.

• Configuration & Maintenance: Implement approved configuration changes including access policies, iRules, WAF policies, DNS RPZ rules, IPAM updates, and GTM load-balancing pools. Apply software patches, hot-fixes, and signature updates under change-management guidelines.

• Incident Handling & Escalation: Investigate connectivity, authentication, or DNS anomalies, capturing logs, packet traces, and ASM violation details. Escalate unresolved or systemic issues to the L3 engineer with clear documentation of findings and attempted fixes.

• Compliance & Reporting: Generate daily/weekly health-check reports and edge-security KPI dashboards aligned to SAMA CSF IAM-01 / NET-02 requirements. Ensure all changes, incidents, and maintenance tasks are documented in ServiceNow.

• Collaboration & Knowledge Transfer: Work with network, application, and SOC teams during deployments or incident management. Maintain and improve runbooks, SOPs, and knowledge-base articles; provide informal training sessions to L1 analysts.

Required Qualifications:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.
• 3–5 years hands-on experience supporting F5 BIG-IP modules (APM and ASM/WAF) and Infoblox DNS Security in production.
• Strong understanding of TCP/IP, HTTP/S, SSL/TLS, DNS, and authentication protocols (SAML, OAuth).
• Familiarity with ServiceNow (or similar ITSM), basic shell/CLI troubleshooting, and log analysis tools.
• Knowledge of SAMA Cybersecurity Framework or NCA ECC controls related to edge security.

Desired Skills & Certifications:

• F5 Certified Administrator (302) or F5 CTS (APM or ASM).
• Infoblox Certified DNS Administrator / Security Expert.
• ITIL Foundation, CompTIA Security+, or equivalent certification.
• Scripting (Python/TCL/bash) experience for automation of tasks.
• Understanding of load-balancer traffic policies, iRules/LTM policies, and DNSSEC principles.

Language Requirements:

Must be eligible to work in Saudi Arabia and pass SAMA background checks.

Company Culture:

At DXC Technology, we value strong connections and community as keys to success. Our work model prioritizes in-person collaboration while providing flexibility to support wellbeing, productivity, and individual work styles. We are committed to fostering an inclusive environment where everyone can thrive.