L2 F5 Application Security Engineer

The L2 F5 Application Security Engineer provides day-to-day operational support, monitoring, and maintenance for the full Edge Protection tool-set mandated by SAMA: F5 BIG-IP (Access Policy Manager, Web Application Firewall, Local & Global Traffic Manager) and Infoblox DNS Security (MANDATORY). The role ensures high availability, policy compliance, and prompt incident response for all edge-security platforms, escalating complex issues to the L3 F5 team. Success is measured by swift ticket resolution, precise change execution, and strict adherence to SAMA/NCA controls.

Key Responsibilities

• Continuously monitor F5 APM, ASM/WAF, LTM, GTM and Infoblox DNS grids for health, performance, and security events.
• Respond to alerts and service-desk tickets within SLA; perform first-pass diagnosis and fix routine issues.
• Implement approved configuration changes: access policies, iRules, WAF policies, DNS RPZ rules, IPAM updates, and GTM load-balancing pools.
• Apply software patches, hot-fixes, and signature updates under change-management guidelines.
• Investigate connectivity, authentication, or DNS anomalies; capture logs, packet traces, and ASM violation details.
• Escalate unresolved or systemic issues to the L3 engineer with clear documentation of findings and attempted fixes.
• Generate daily/weekly health-check reports and edge-security KPI dashboards aligned to SAMA CSF IAM-01 / NET-02 requirements.
• Ensure all changes, incidents, and maintenance tasks are fully documented in ServiceNow.
• Coordinate with network, application, and SOC teams during deployments or incident bridges.
• Maintain and improve runbooks, SOPs, and knowledge-base articles; deliver informal training sessions to L1 analysts.

Requirements

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.
• 3–5 years hands-on experience supporting F5 BIG-IP modules (minimum APM and ASM/WAF) and Infoblox DNS Security in production.
• Solid understanding of TCP/IP, HTTP/S, SSL/TLS, DNS, and authentication protocols (SAML, OAuth).
• Experience with ServiceNow (or similar ITSM), basic shell/CLI troubleshooting, and log analysis tools.
• Working knowledge of SAMA Cybersecurity Framework or NCA ECC controls for edge security.

Desired Skills & Certifications

• F5 Certified Administrator (302) or F5 CTS (APM or ASM).
• Infoblox Certified DNS Administrator / Security Expert.
• ITIL Foundation, CompTIA Security+, or equivalent security credential.
• Scripting (Python/TCL/bash) for automation of routine tasks.
• Familiarity with load-balancer traffic policies, iRules/LTM policies, and DNSSEC principles.

Working Conditions

• Full-time on-site role (Sunday–Thursday), 9×5 support with participation in an on-call rota for critical escalations.
• Occasional evening or weekend work during planned maintenance windows.
• Collaborative, fast-paced environment interfacing with network, application, SOC, and compliance teams.

Additional Information
Must be eligible to work in Saudi Arabia and pass SAMA background checks.